Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

60 advisories

Loading
Microsoft Security Advisory CVE-2023-33170: .NET Security Feature Bypass Vulnerability High
CVE-2023-33170 was published for Microsoft.AspNet.Identity.Owin (NuGet) Jul 11, 2023
DmitriyLewen gillarramendi
Race condition in org.apache.hbase:hbase-thrift High
CVE-2018-8025 was published for org.apache.hbase:hbase-thrift (Maven) Oct 18, 2018
MarkLee131
Race Condition in Jenkins High
CVE-2017-1000503 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
sunSUNQ
Concurrent Execution using Shared Resource with Improper Synchronization in Apache Tomcat High
CVE-2016-8745 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
BuildKit vulnerable to possible race condition with accessing subpaths from cache mounts High
CVE-2024-23651 was published for github.com/moby/buildkit (Go) Jan 31, 2024
rmcnamara-snyk
snapd Race Condition vulnerability High
CVE-2022-3328 was published for github.com/snapcore/snapd (Go) Jan 8, 2024
Fabric vulnerable to crosslinking transaction attack High
CVE-2023-46132 was published for github.com/hyperledger/fabric (Go) Nov 14, 2023
yacovm
ZITADEL race condition in lockout policy execution High
CVE-2023-47111 was published for github.com/zitadel/zitadel (Go) Nov 8, 2023
itz-d0dgy livio-a
LXD vulnerable to Race Condition High
CVE-2015-1340 was published for github.com/lxc/lxd (Go) May 24, 2022
Code Injection, Race Condition, and Execution with Unnecessary Privileges in Ansible High
CVE-2020-10684 was published for ansible (pip) Apr 7, 2021
Webargs mishandles concurrent JSON parsing High
CVE-2019-9710 was published for webargs (pip) Mar 12, 2019
private_address_check contains race condition High
CVE-2018-3759 was published for private_address_check (RubyGems) Jul 31, 2018
Radicale is vulnerable to timing oracles and simple bruteforce attacks High
CVE-2017-8342 was published for Radicale (pip) May 13, 2022
Phusion Passenger Race Condition Allows Privilege Escalation High
CVE-2018-12029 was published for passenger (RubyGems) May 14, 2022
Data race in conqueue High
CVE-2020-36437 was published for conqueue (Rust) Aug 25, 2021
Data races in slock High
CVE-2020-36455 was published for slock (Rust) Aug 25, 2021
J3rry-1729
Data races on syncpool High
GHSA-r88h-6987-g79f was published for syncpool (Rust) Aug 25, 2021
Data races in v9 High
GHSA-pfjq-935c-4895 was published for v9 (Rust) Aug 25, 2021
Data race in abox High
CVE-2020-36441 was published for abox (Rust) Aug 25, 2021
Data races in ticketed_lock High
CVE-2020-36439 was published for ticketed_lock (Rust) Aug 25, 2021
Data race in tiny_future High
CVE-2020-36438 was published for tiny_future (Rust) Aug 25, 2021
Race Condition in tokio High
CVE-2021-45710 was published for tokio (Rust) Jan 6, 2022
Data races in ticketed_lock High
GHSA-gq4h-f254-7cw9 was published for ticketed_lock (Rust) Aug 25, 2021
Data race in syncpool High
CVE-2020-36462 was published for syncpool (Rust) Aug 25, 2021
Data races in tiny_future High
GHSA-m296-j53x-xv95 was published for tiny_future (Rust) Aug 25, 2021
ProTip! Advisories are also available from the GraphQL API