Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,884
Erlang
37
GitHub Actions
38
Go
2,546
Maven
5,000+
npm
4,205
NuGet
743
pip
3,978
Pub
12
RubyGems
947
Rust
1,034
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,757 advisories

Loading
Race condition vulnerability in the kernel hufs module. Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2025-54651 was published Aug 6, 2025
Race condition issue occurring in the physical page import process of the memory management... Moderate Unreviewed
CVE-2025-54629 was published Aug 6, 2025
Webargs mishandles concurrent JSON parsing High
CVE-2019-9710 was published for webargs (pip) Mar 12, 2019
saip007
OpenNebula Community Edition (CE) before 7.0.0 and Enterprise Edition (EE) before 6.10.3 have a... High Unreviewed
CVE-2025-54955 was published Aug 3, 2025
A race condition was addressed with improved state handling. This issue is fixed in macOS Sequoia... Critical Unreviewed
CVE-2025-43244 was published Jul 30, 2025
A race condition was addressed with additional validation. This issue is fixed in macOS Sequoia... Critical Unreviewed
CVE-2025-43275 was published Jul 30, 2025
nopCommerce before 4.80.0 does not offer locking for order placement. Thus there is a race... Low Unreviewed
CVE-2024-58248 was published Apr 16, 2025
A group deletion race condition in 2FAuth v5.5.0 causes data inconsistencies and orphaned... Moderate Unreviewed
CVE-2025-45731 was published Jul 24, 2025
A race condition vulnerability exists in the aVideoEncoder.json.php unzip functionality of WWBN... High Unreviewed
CVE-2025-25214 was published Jul 24, 2025
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability Moderate
CVE-2024-35255 was published for @azure/identity (Go) Jun 11, 2024
scottaddie localden
Timing based private key exposure in Bouncy Castle Moderate
CVE-2020-15522 was published for BouncyCastle (Maven) Aug 13, 2021
klaudialax
Concurrent execution using shared resource with improper synchronization ('race condition') in... High Unreviewed
CVE-2025-49737 was published Jul 8, 2025
Concurrent execution using shared resource with improper synchronization ('race condition') in... High Unreviewed
CVE-2025-49690 was published Jul 8, 2025
Null pointer dereference in Windows NTFS allows an authorized attacker to elevate privileges... High Unreviewed
CVE-2025-49678 was published Jul 8, 2025
Concurrent execution using shared resource with improper synchronization ('race condition') in... High Unreviewed
CVE-2025-49665 was published Jul 8, 2025
Use after free in Windows Connected Devices Platform Service allows an authorized attacker to... High Unreviewed
CVE-2025-48000 was published Jul 8, 2025
Concurrent execution using shared resource with improper synchronization ('race condition') in... High Unreviewed
CVE-2025-47972 was published Jul 8, 2025
IBM Storage Virtualize 8.5, 8.6, and 8.7 products could allow a user to escalate their privileges... Moderate Unreviewed
CVE-2025-1351 was published Jul 7, 2025
Taylor has race condition in /get-patch that allows purchase token replay Low
GHSA-vh5j-5fhq-9xwg was published for taylored (npm) Jun 27, 2025
snyff
A race condition in the Nix, Lix, and Guix package managers enables changing the ownership of... Moderate Unreviewed
CVE-2025-52993 was published Jun 27, 2025
Using a javascript: URI with a setTimeout race condition, an attacker can execute unauthorized... High Unreviewed
CVE-2024-0605 was published Jan 22, 2024
Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code... High Unreviewed
CVE-2025-32710 was published Jun 10, 2025
A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.2),... Moderate Unreviewed
CVE-2025-40569 was published Jun 10, 2025
A race condition in chown_one() of systemd allows an attacker to cause systemd to set arbitrary... High Unreviewed
CVE-2018-15687 was published May 13, 2022
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through... Moderate Unreviewed
CVE-2025-24493 was published Jun 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database