Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,201 advisories

Loading
Client RCE on macOS and Linux via improper symbolic link resolution in Google Web Designer's... High Unreviewed
CVE-2025-1079 was published May 12, 2025
Dell Encryption and Dell Security Management Server, versions prior to 11.11.0, contain an... High Unreviewed
CVE-2025-36611 was published Jul 30, 2025
_is_safe in the File::Temp module for Perl does not properly handle symlinks. Moderate Unreviewed
CVE-2011-4116 was published Apr 22, 2022
os.OpenFile(path, os.O_CREATE|O_EXCL) behaved differently on Unix and Windows systems when the... Moderate Unreviewed
CVE-2025-0913 was published Jun 11, 2025
Avast Premium Security Sandbox Protection Link Following Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2023-42125 was published May 3, 2024
A potential security vulnerability has been identified in the HPAudioAnalytics service included... Moderate Unreviewed
CVE-2025-43490 was published Aug 15, 2025
CWE-59: Improper Link Resolution Before File Access ('Link Following') vulnerability exists that... High Unreviewed
CVE-2025-5296 was published Aug 18, 2025
AOMEI Backupper Workstation Link Following Local Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2025-8612 was published Aug 20, 2025
n8n symlink traversal vulnerability in "Read/Write File" node allows access to restricted files Moderate
CVE-2025-57749 was published for n8n (npm) Aug 20, 2025
Mahmoud0x00
Credited to Mahmoud0x00
A path collision and arbitrary code execution vulnerability was identified in GitHub Enterprise... High Unreviewed
CVE-2024-10007 was published Nov 7, 2024
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia... Moderate Unreviewed
CVE-2024-54554 was published Aug 29, 2025
HashiCorp go-getter Vulnerable to Symlink Attacks High
CVE-2025-8959 was published for github.com/hashicorp/go-getter (Go) Aug 15, 2025
Dell Alienware Command Center 5.x (AWCC), versions prior to 5.10.2.0, contains an Improper Link... Moderate Unreviewed
CVE-2025-43726 was published Sep 2, 2025
A link following vulnerability in the Trend Micro Apex One Damage Cleanup Engine could allow a... High Unreviewed
CVE-2025-49157 was published Jun 17, 2025
A link following vulnerability in the Trend Micro Apex One scan engine could allow a local... High Unreviewed
CVE-2025-49156 was published Jun 17, 2025
Improper link resolution before file access ('link following') in Microsoft AutoUpdate (MAU)... High Unreviewed
CVE-2025-55317 was published Sep 9, 2025
Improper link resolution before file access ('link following') in Xbox allows an authorized... High Unreviewed
CVE-2025-55245 was published Sep 9, 2025
Improper link resolution before file access ('link following') in Windows Update Service allows... High Unreviewed
CVE-2025-48799 was published Jul 8, 2025
A link following vulnerability has been reported to affect several QNAP operating system versions... High Unreviewed
CVE-2024-53691 was published Dec 6, 2024
Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (Windows client... High Unreviewed
CVE-2025-34194 was published Sep 19, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.843 and... High Unreviewed
CVE-2025-34191 was published Sep 19, 2025
Improper handling of symbolic links in the TeamViewer Full Client and Host for Windows — in... Moderate Unreviewed
CVE-2025-41421 was published Oct 1, 2025
Trend Micro Password Manager (Consumer) version 5.8.0.1327 and below is vulnerable to a Link... High Unreviewed
CVE-2025-52837 was published Jul 10, 2025
A security vulnerability has been detected in wonderwhy-er DesktopCommanderMCP up to 0.2.13. This... Low Unreviewed
CVE-2025-11489 was published Oct 8, 2025
A link following vulnerability exists in the UnifyScanner component of Armoury Crate. This... High Unreviewed
CVE-2025-9968 was published Oct 13, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database