Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,201 advisories

Loading
Improper handling of symbolic links in the TeamViewer Full Client and Host for Windows — in... Moderate Unreviewed
CVE-2025-41421 was published Oct 1, 2025
Improper Link Resolution Before File Access in the AWS VPN Client for macOS versions 1.3.2- 5.2.0... Critical Unreviewed
CVE-2025-11462 was published Oct 7, 2025
A security vulnerability has been detected in wonderwhy-er DesktopCommanderMCP up to 0.2.13. This... Low Unreviewed
CVE-2025-11489 was published Oct 8, 2025
A link following vulnerability exists in the UnifyScanner component of Armoury Crate. This... High Unreviewed
CVE-2025-9968 was published Oct 13, 2025
Duplicate Advisory: Microsoft Security Advisory CVE-2025-55247 | .NET Denial of Service Vulnerability High
GHSA-q8g5-rw97-f55h was published for Microsoft.Build.Tasks.Core (NuGet) Oct 14, 2025 withdrawn
Improper link resolution before file access ('link following') in Windows Health and Optimized... High Unreviewed
CVE-2025-59241 was published Oct 14, 2025
Improper link resolution before file access ('link following') in XBox Gaming Services allows an... High Unreviewed
CVE-2025-59281 was published Oct 14, 2025
Microsoft Security Advisory CVE-2025-55247 | .NET Denial of Service Vulnerability High
CVE-2025-55247 was published for Microsoft.Build (NuGet) Oct 15, 2025
rbhanda
Credited to rbhanda
Git LFS may write to arbitrary files via crafted symlinks High
CVE-2025-26625 was published for github.com/git-lfs/git-lfs (Go) Oct 17, 2025
A vulnerability was detected in ermig1979 AntiDupl up to 2.3.12. Impacted is an unknown function... High Unreviewed
CVE-2025-12341 was published Oct 28, 2025
Razer Synapse 3 Chroma Connect Link Following Local Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2025-9871 was published Oct 29, 2025
Razer Synapse 3 Macro Module Link Following Local Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2025-9869 was published Oct 29, 2025
Razer Synapse 3 RazerPhilipsHueUninstall Link Following Local Privilege Escalation Vulnerability.... High Unreviewed
CVE-2025-9870 was published Oct 29, 2025
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS... Moderate Unreviewed
CVE-2025-43288 was published Nov 4, 2025
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma... Moderate Unreviewed
CVE-2025-43394 was published Nov 4, 2025
This issue was addressed with improved validation of symlinks. This issue is fixed in visionOS 26... Moderate Unreviewed
CVE-2025-43379 was published Nov 4, 2025
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma... Low Unreviewed
CVE-2025-43395 was published Nov 4, 2025
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS... Moderate Unreviewed
CVE-2025-43446 was published Nov 4, 2025
This issue was addressed with improved validation of symlinks. This issue is fixed in visionOS 26... Moderate Unreviewed
CVE-2025-43448 was published Nov 4, 2025
KubeVirt Isolation Detection Flaw Allows Arbitrary File Permission Changes Moderate
CVE-2025-64437 was published for github.com/kubevirt/kubevirt (Go) Nov 6, 2025
mihailkirov Faeris95
xpivarc
Credited to mihailkirov, Faeris95, and xpivarc
Potential Denial of Service issue in all supported versions of Revenera InstallShield version... Moderate Unreviewed
CVE-2025-12418 was published Nov 8, 2025
A privilege escalation vulnerability was identified in GitHub Enterprise Server that allowed an... High Unreviewed
CVE-2025-11578 was published Nov 11, 2025
The ACAP Application framework could allow privilege escalation through a symlink attack. This... Moderate Unreviewed
CVE-2025-5718 was published Nov 11, 2025
Improper link resolution before file access ('link following') for some Intel(R) Server... Moderate Unreviewed
CVE-2025-24918 was published Nov 11, 2025
Improper link resolution before file access ('link following') in Windows Routing and Remote... Moderate Unreviewed
CVE-2025-59510 was published Nov 11, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database