Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,640
Maven
5,000+
npm
4,265
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,201 advisories

Loading
Improper Link Resolution Before File Access ('Link Following') vulnerability in QFileSystemEngine... High Unreviewed
CVE-2025-4211 was published May 16, 2025
The configuration initialization tool in OpenVPN 3 Linux v20 through v24 on Linux allows a local... Moderate Unreviewed
CVE-2025-3908 was published May 19, 2025
Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Passwordless... Moderate Unreviewed
CVE-2025-2102 was published May 21, 2025
Improper link resolution before file access ('link following') in Microsoft Edge (Chromium-based)... High Unreviewed
CVE-2025-47181 was published May 23, 2025
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS... Moderate Unreviewed
CVE-2025-31198 was published May 30, 2025
Bluetooth HCI Adaptor from Realtek has a Link Following vulnerability. Local attackers with... High Unreviewed
CVE-2024-11857 was published Jun 2, 2025
A privilege escalation vulnerability exists in the virtual machine archive restoration... High Unreviewed
CVE-2024-36486 was published Jun 3, 2025
A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop... High Unreviewed
CVE-2024-52561 was published Jun 3, 2025
A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop... High Unreviewed
CVE-2024-54189 was published Jun 3, 2025
2BrightSparks SyncBackFree Link Following Local Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2025-5474 was published Jun 6, 2025
Improper link resolution before file access ('link following') in Windows Recovery Driver allows... High Unreviewed
CVE-2025-32721 was published Jun 10, 2025
Improper link resolution before file access ('link following') in Windows Installer allows an... High Unreviewed
CVE-2025-33075 was published Jun 10, 2025
os.OpenFile(path, os.O_CREATE|O_EXCL) behaved differently on Unix and Windows systems when the... Moderate Unreviewed
CVE-2025-0913 was published Jun 11, 2025
A link following vulnerability in the Trend Micro Apex One scan engine could allow a local... High Unreviewed
CVE-2025-49156 was published Jun 17, 2025
A link following vulnerability in the Trend Micro Apex One Damage Cleanup Engine could allow a... High Unreviewed
CVE-2025-49157 was published Jun 17, 2025
A link following vulnerability in the anti-malware solution portion of Trend Micro Deep Security... High Unreviewed
CVE-2025-30641 was published Jun 17, 2025
A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local... High Unreviewed
CVE-2025-30640 was published Jun 17, 2025
A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local... Moderate Unreviewed
CVE-2025-30642 was published Jun 17, 2025
Improper Link Resolution Before File Access ('Link Following') vulnerability in yrutschle sslh... Critical Unreviewed
CVE-2025-52936 was published Jun 23, 2025
A path or symbolic link manipulation vulnerability in SIR 1.0.3 and prior versions allows an... High Unreviewed
CVE-2025-3771 was published Jun 26, 2025
@modelcontextprotocol/server-filesystem allows for path validation bypass via prefix matching and symlink handling High
CVE-2025-53109 was published for @modelcontextprotocol/server-filesystem (npm) Jul 1, 2025
A low privileged remote attacker with file access can replace a critical file used by the... High Unreviewed
CVE-2025-41666 was published Jul 8, 2025
A low privileged remote attacker with file access can replace a critical file used by the arp... High Unreviewed
CVE-2025-41667 was published Jul 8, 2025
A low privileged remote attacker with file access can replace a critical file or folder used by... High Unreviewed
CVE-2025-41668 was published Jul 8, 2025
Improper link resolution before file access ('link following') in Service Fabric allows an... Moderate Unreviewed
CVE-2025-21195 was published Jul 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database