Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

61 advisories

Loading
Talos vulnerable dependency due to race condition in Linux kernel's IP framework XFRM High
GHSA-34vw-m4rh-r36p was published for github.com/talos-systems/talos (Go) Sep 16, 2022
Data race in `Iter` and `IterMut` High
GHSA-9hpw-r23r-xgm5 was published for thread_local (Rust) Jun 17, 2022
Data races in convec High
CVE-2020-36445 was published for convec (Rust) Aug 25, 2021
Data races in libsbc High
CVE-2020-36440 was published for libsbc (Rust) Aug 25, 2021
Data races in beef High
CVE-2020-36442 was published for beef (Rust) Aug 25, 2021
Data races in unicycle High
CVE-2020-36436 was published for unicycle (Rust) Aug 25, 2021
Data race in ruspiro-singleton High
CVE-2020-36435 was published for ruspiro-singleton (Rust) Aug 25, 2021
Data races in async-coap High
CVE-2020-36444 was published for async-coap (Rust) Aug 25, 2021
October CMS upload process vulnerable to RCE via Race Condition High
CVE-2022-24800 was published for october/system (Composer) Jul 13, 2022
Apache Guacamole Race Condition vulnerability High
CVE-2017-3158 was published for org.apache.guacamole:guacamole-common (Maven) May 14, 2022
crossbeam-utils Race Condition vulnerability High
CVE-2022-23639 was published for crossbeam-utils (Rust) Feb 16, 2022
saethlin
Improper synchronization in Apache Netbeans HTML/Java API High
CVE-2020-17534 was published for org.netbeans.html:pom (Maven) Feb 9, 2022
Data races in toolshed High
CVE-2020-36456 was published for toolshed (Rust) Aug 25, 2021
Data races in model High
CVE-2020-36460 was published for model (Rust) Aug 25, 2021
Data races in dces High
CVE-2020-36459 was published for dces (Rust) Aug 25, 2021
Data races in rcu_cell High
CVE-2020-36451 was published for rcu_cell (Rust) Aug 25, 2021
Data races in cache High
CVE-2020-36448 was published for cache (Rust) Aug 25, 2021
Data races in lexer High
CVE-2020-36458 was published for lexer (Rust) Aug 25, 2021
Data races in bunch High
CVE-2020-36450 was published for bunch (Rust) Aug 25, 2021
Data races in scottqueue High
CVE-2020-36453 was published for scottqueue (Rust) Aug 25, 2021
Improper Synchronization and Race Condition in vm-memory High
CVE-2020-13759 was published for vm-memory (Rust) Aug 25, 2021
mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs High
CVE-2021-30465 was published for github.com/opencontainers/runc (Go) May 25, 2021
champtar
Data races in lever High
CVE-2020-36457 was published for lever (Rust) Aug 25, 2021
tdunlap607
Deno is vulnerable to race condition via interactive permission prompt spoofing High
CVE-2023-22499 was published for deno (Rust) Jan 20, 2023
LeoDog896 another-rex
Out-of-bounds Write and Race Condition in metrics-util High
CVE-2021-45704 was published for metrics-util (Rust) Jan 6, 2022
ProTip! Advisories are also available from the GraphQL API