GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+
68 advisories
Filter by severity
Moby Race Condition vulnerability
High
CVE-2024-36621
was published
for
github.com/moby/moby
(Go)
Nov 29, 2024
Moby Race Condition vulnerability
High
CVE-2024-36623
was published
for
github.com/moby/moby
(Go)
Nov 29, 2024
Gradio has a race condition in update_root_in_config may redirect user traffic
High
CVE-2024-47870
was published
for
gradio
(pip)
Oct 10, 2024
Microsoft Security Advisory CVE-2024-38229 | .NET Remote Code Execution Vulnerability
High
CVE-2024-38229
was published
for
Microsoft.AspNetCore.App.Runtime.linux-arm
(NuGet)
Oct 8, 2024
Incorrect delegation lookups can make go-tuf download the wrong artifact
High
CVE-2024-47534
was published
for
github.com/theupdateframework/go-tuf/v2
(Go)
Oct 1, 2024
Undertow vulnerable to Race Condition
High
CVE-2024-7885
was published
for
io.undertow:undertow-core
(Maven)
Aug 21, 2024
BuildKit vulnerable to possible race condition with accessing subpaths from cache mounts
High
CVE-2024-23651
was published
for
github.com/moby/buildkit
(Go)
Jan 31, 2024
Fabric vulnerable to crosslinking transaction attack
High
CVE-2023-46132
was published
for
github.com/hyperledger/fabric
(Go)
Nov 14, 2023
ZITADEL race condition in lockout policy execution
High
CVE-2023-47111
was published
for
github.com/zitadel/zitadel
(Go)
Nov 8, 2023
Microsoft Security Advisory CVE-2023-33170: .NET Security Feature Bypass Vulnerability
High
CVE-2023-33170
was published
for
Microsoft.AspNet.Identity.Owin
(NuGet)
Jul 11, 2023
Deno is vulnerable to race condition via interactive permission prompt spoofing
High
CVE-2023-22499
was published
for
deno
(Rust)
Jan 20, 2023
Talos vulnerable dependency due to race condition in Linux kernel's IP framework XFRM
High
GHSA-34vw-m4rh-r36p
was published
for
github.com/talos-systems/talos
(Go)
Sep 16, 2022
October CMS upload process vulnerable to RCE via Race Condition
High
CVE-2022-24800
was published
for
october/system
(Composer)
Jul 13, 2022
Data race in `Iter` and `IterMut`
High
GHSA-9hpw-r23r-xgm5
was published
for
thread_local
(Rust)
Jun 17, 2022
Uncaught Exception (due to a data race) leads to process termination in Waitress
High
CVE-2022-31015
was published
for
waitress
(pip)
Jun 2, 2022
LXD vulnerable to Race Condition
High
CVE-2015-1340
was published
for
github.com/lxc/lxd
(Go)
May 24, 2022
Concurrent Execution using Shared Resource with Improper Synchronization in pyftpdlib
High
CVE-2010-3494
was published
for
pyftpdlib
(pip)
May 17, 2022
Apache Guacamole Race Condition vulnerability
High
CVE-2017-3158
was published
for
org.apache.guacamole:guacamole-common
(Maven)
May 14, 2022
Race Condition in Jenkins
High
CVE-2017-1000503
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 14, 2022
Phusion Passenger Race Condition Allows Privilege Escalation
High
CVE-2018-12029
was published
for
passenger
(RubyGems)
May 14, 2022
Concurrent Execution using Shared Resource with Improper Synchronization in Apache Tomcat
High
CVE-2016-8745
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Radicale is vulnerable to timing oracles and simple bruteforce attacks
High
CVE-2017-8342
was published
for
Radicale
(pip)
May 13, 2022
crossbeam-utils Race Condition vulnerability
High
CVE-2022-23639
was published
for
crossbeam-utils
(Rust)
Feb 16, 2022
Improper synchronization in Apache Netbeans HTML/Java API
High
CVE-2020-17534
was published
for
org.netbeans.html:pom
(Maven)
Feb 9, 2022
ProTip!
Advisories are also available from the
GraphQL API