Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,963
Erlang
39
GitHub Actions
38
Go
2,615
Maven
5,000+
npm
4,255
NuGet
760
pip
4,036
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+

902 advisories

Loading
node-tar has a race condition leading to uninitialized memory exposure Moderate
CVE-2025-64118 was published for tar (npm) Oct 30, 2025
ChALkeR
Credited to ChALkeR
In the Linux kernel, the following vulnerability has been resolved: fscache: Fix invalidation... Moderate Unreviewed
CVE-2022-49655 was published Oct 23, 2025
In the Linux kernel, the following vulnerability has been resolved: zsmalloc: fix races between... Moderate Unreviewed
CVE-2022-49554 was published Oct 22, 2025
In the Linux kernel, the following vulnerability has been resolved: rcu-tasks: Fix race in... Moderate Unreviewed
CVE-2022-49540 was published Oct 21, 2025
A concurrent execution using shared resource with improper synchronization ('Race Condition')... Moderate Unreviewed
CVE-2025-54973 was published Oct 14, 2025
A vulnerability was detected in Tomofun Furbo 360 up to FB0035_FW_036. Impacted is an unknown... Moderate Unreviewed
CVE-2025-11637 was published Oct 12, 2025
In the Linux kernel, the following vulnerability has been resolved: igmp: Fix data-races around... Moderate Unreviewed
CVE-2022-49589 was published Oct 1, 2025
Quadient DS-700 iQ devices through 2025-09-30 might have a race condition during the quick... Moderate Unreviewed
CVE-2025-61792 was published Oct 1, 2025
Repository Credentials Race Condition Crashes Argo CD Server Moderate
CVE-2025-55191 was published for github.com/argoproj/argo-cd/v2 (Go) Sep 30, 2025
thevilledev
Credited to thevilledev
In the Linux kernel, the following vulnerability has been resolved: IB/rdmavt: add lock to call... Moderate Unreviewed
CVE-2022-49089 was published Sep 23, 2025
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix call timer start... Moderate Unreviewed
CVE-2022-49149 was published Sep 23, 2025
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')... Moderate Unreviewed
CVE-2025-59577 was published Sep 22, 2025
In JetBrains TeamCity before 2025.07.2 project isolation bypass was possible due to race condition Moderate Unreviewed
CVE-2025-59455 was published Sep 17, 2025
A race condition was addressed with improved state handling. This issue is fixed in macOS Sequoia... Moderate Unreviewed
CVE-2025-43292 was published Sep 16, 2025
Concurrent execution using shared resource with improper synchronization ('race condition') in... Moderate Unreviewed
CVE-2025-55226 was published Sep 9, 2025
NVIDIA Mellanox DPDK contains a vulnerability in Poll Mode Driver (PMD), where an attacker on a... Moderate Unreviewed
CVE-2025-23259 was published Sep 5, 2025
Race condition vulnerability in the device standby module. Impact: Successful exploitation of... Moderate Unreviewed
CVE-2025-58313 was published Sep 5, 2025
Race condition in the installer for certain Zoom Clients for Windows may allow an unauthenticated... Moderate Unreviewed
CVE-2025-49456 was published Aug 13, 2025
Concurrent execution using shared resource with improper synchronization ('race condition') in... Moderate Unreviewed
CVE-2025-49743 was published Aug 12, 2025
Shopware race condition bypasses voucher restrictions Moderate
CVE-2025-7954 was published for shopware/platform (Composer) Aug 6, 2025
Race condition vulnerability in the kernel hufs module. Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2025-54651 was published Aug 6, 2025
Race condition issue occurring in the physical page import process of the memory management... Moderate Unreviewed
CVE-2025-54629 was published Aug 6, 2025
A group deletion race condition in 2FAuth v5.5.0 causes data inconsistencies and orphaned... Moderate Unreviewed
CVE-2025-45731 was published Jul 24, 2025
Apache Tomcat Utilities is vulnerable to resource exhaustion when using the APR/Native connector Moderate
CVE-2025-52434 was published for org.apache.tomcat:tomcat-util (Maven) Jul 10, 2025
IBM Storage Virtualize 8.5, 8.6, and 8.7 products could allow a user to escalate their privileges... Moderate Unreviewed
CVE-2025-1351 was published Jul 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database