Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,894
Erlang
38
GitHub Actions
38
Go
2,552
Maven
5,000+
npm
4,224
NuGet
746
pip
3,999
Pub
12
RubyGems
953
Rust
1,041
Swift
45
Unreviewed advisories
All unreviewed
5,000+

89 advisories

Loading
Next.js Race Condition to Cache Poisoning Low
CVE-2025-32421 was published for next (npm) May 15, 2025
cold-try
Credited to cold-try
A vulnerability has been found in Smartstore up to 6.2.0. The affected element is an unknown... Low Unreviewed
CVE-2025-10778 was published Sep 22, 2025
A vulnerability was detected in GrandNode up to 2.3.0. The impacted element is an unknown... Low Unreviewed
CVE-2025-10216 was published Sep 10, 2025
nopCommerce before 4.80.0 does not offer locking for order placement. Thus there is a race... Low Unreviewed
CVE-2024-58248 was published Apr 16, 2025
Taylor has race condition in /get-patch that allows purchase token replay Low
GHSA-vh5j-5fhq-9xwg was published for taylored (npm) Jun 27, 2025
snyff
Credited to snyff
process_lock has a Potential Unsound issue in unlock Low
CVE-2025-48751 was published for process_lock (Rust) May 24, 2025
In the anode crate 0.1.0 for Rust, data races can occur in unlock in SpinLock. Low Unreviewed
CVE-2025-48753 was published May 24, 2025
wgp race condition in inner::drop Low
CVE-2025-47735 was published for wgp (Rust) May 9, 2025
Race condition in pxz 4.999.99 Beta 3 uses weak file permissions for the output file when... Low Unreviewed
CVE-2015-1200 was published May 17, 2022
Race condition in the tlv handler functionality in the snd_ctl_elem_user_tlv function in sound... Low Unreviewed
CVE-2014-4652 was published May 13, 2022
Race condition in the find_keyring_by_name function in security/keys/keyring.c in the Linux... Low Unreviewed
CVE-2010-1437 was published May 2, 2022
Race condition in daemon/slave.c in gdm before 2.14.1 allows local users to gain privileges via a... Low Unreviewed
CVE-2006-1057 was published May 1, 2022
A race condition in Opera web browser 7.53 Build 3850 causes Opera to fill in the address bar... Low Unreviewed
CVE-2004-2491 was published Apr 29, 2022
Akfingerd 0.5 and earlier versions allow local users to cause a denial of service (crash) via a ... Low Unreviewed
CVE-2002-2244 was published Apr 30, 2022
Race condition in the SSL ISAPI filter in IIS and other servers may leak information in plaintext. Low Unreviewed
CVE-1999-0861 was published Apr 30, 2022
Kubernetes kube-apiserver Vulnerable to Race Condition Low
CVE-2024-7598 was published for k8s.io/kubernetes/cmd/kube-apiserver (Go) Mar 20, 2025
Shearwater SecurEnvoy SecurAccess Enrol before 9.4.515 is intended to disable accounts that have... Low Unreviewed
CVE-2025-30235 was published Mar 19, 2025
Race condition in Endorsements Low
CVE-2023-47634 was published for decidim (RubyGems) Feb 20, 2024
microstudi alecslupu
andreslucena
Credited to microstudi, alecslupu, and andreslucena
The Gallery app has the risk of hijacking attacks. Successful exploitation of this vulnerability... Low Unreviewed
CVE-2023-31225 was published May 26, 2023
Mattermost race condition Low
CVE-2024-1949 was published for github.com/mattermost/mattermost/server/v8 (Go) Feb 29, 2024
Ansible vulnerable to Exposure of Resource to Wrong Sphere and Insecure Temporary File Low
CVE-2020-1733 was published for ansible (pip) Apr 20, 2021
Exposure of Resource to Wrong Sphere and Insecure Temporary File in Ansible Low
CVE-2020-10744 was published for ansible (pip) Feb 9, 2022
Race condition in the Mozilla Maintenance Service in Mozilla Firefox before 40.0 and Firefox ESR... Low Unreviewed
CVE-2015-4481 was published May 14, 2022
Race condition in zenml Low
CVE-2024-2032 was published for zenml (pip) Jun 6, 2024
Race in Frames in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a... Low Unreviewed
CVE-2024-6996 was published Aug 6, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database