Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

66 advisories

Loading
ansible-runner vulnerable to Race Condition Moderate
CVE-2021-3702 was published for ansible-runner (pip) Aug 24, 2022
Potential Observable Timing Discrepancy in Wagtail Moderate
CVE-2020-11037 was published for wagtail (pip) May 7, 2020
thibaudcolas
Zope Object Database Denial of Service vulnerability Moderate
CVE-2010-3495 was published for zodb3 (pip) May 17, 2022
Code Injection, Race Condition, and Execution with Unnecessary Privileges in Ansible Moderate
CVE-2020-10684 was published for ansible (pip) Apr 7, 2021
WordOps has TOCTOU race condition Moderate
CVE-2024-34528 was published for wordops (pip) May 6, 2024
VirtuBox
Argo Workflows Controller: Denial of Service via malicious daemon Workflows Moderate
CVE-2024-47827 was published for github.com/argoproj/argo-workflows/v3 (Go) Oct 28, 2024
meln5674 agilgur5
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in pyftpdlib Moderate
CVE-2009-5011 was published for pyftpdlib (pip) May 2, 2022
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in pyftpdlib Moderate
CVE-2009-5010 was published for pyftpdlib (pip) May 2, 2022
Apache Airflow exposes arbitrary file content Moderate
CVE-2022-38170 was published for apache-airflow (pip) Sep 3, 2022
sunSUNQ
Policy bypass for Host Firewall policy due to race condition in Cilium agent Moderate
CVE-2024-42488 was published for github.com/cilium/cilium (Go) Aug 15, 2024
skmatti
ACME DNS: Azure Identity Libraries Elevation of Privilege Vulnerability Moderate
GHSA-rvj4-q8q5-8grf was published for github.com/traefik/traefik/v2 (Go) Jun 20, 2024
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability Moderate
CVE-2024-35255 was published for @azure/identity (Go) Jun 11, 2024
scottaddie localden
opencontainers runc contains procfs race condition with a shared volume mount Moderate
CVE-2019-19921 was published for github.com/opencontainers/runc (Go) May 27, 2021
Microsoft Security Advisory CVE-2024-30046 | .NET Denial of Service Vulnerability Moderate
CVE-2024-30046 was published for Microsoft.AspNetCore.App.Runtime.linux-arm (NuGet) May 14, 2024
vantage6 vulnerable to a username timing attack on recover password/MFA token Moderate
CVE-2024-24770 was published for vantage6 (pip) Mar 15, 2024
Apache Answer Race Condition vulnerability Moderate
CVE-2024-26578 was published for github.com/apache/incubator-answer (Go) Feb 22, 2024
Apache Tomcat Race Condition vulnerability Moderate
CVE-2018-8037 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Oct 17, 2018
sunSUNQ
github.com/go-resty/resty/v2 HTTP request body disclosure Moderate
CVE-2023-45286 was published for github.com/go-resty/resty/v2 (Go) Nov 28, 2023
shanduur Kryvchun
billinghamj deerbone neilgierman hansmi
Deis Workflow Manager race condition vulnerability Moderate
CVE-2016-15036 was published for github.com/deis/workflow-manager (Go) Dec 23, 2023
Harbor timing attack risk Moderate
CVE-2023-20902 was published for github.com/goharbor/harbor (Go) Oct 10, 2023
`chainId` may be outdated if user changes chains as part of connection in @web3-react Moderate
CVE-2023-30543 was published for @web3-react/coinbase-wallet (npm) Apr 18, 2023
session fixation protection mechanism in cgi_process.rb in Rails Moderate
CVE-2007-6077 was published for rails (RubyGems) Oct 24, 2017
Magento 2 Community Edition RCE Vulnerability Moderate
CVE-2019-8232 was published for magento/community-edition (Composer) May 24, 2022
Beego has a file creation race condition Moderate
CVE-2019-16354 was published for github.com/astaxie/beego (Go) Aug 2, 2021
Race condition in tokio Moderate
CVE-2021-38191 was published for tokio (Rust) Aug 25, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database