Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,262
NuGet
760
pip
4,058
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,201 advisories

Loading
Improper link resolution before file access ('link following') in Host Process for Windows Tasks... High Unreviewed
CVE-2025-60710 was published Nov 11, 2025
Improper link resolution before file access ('link following') in Windows Routing and Remote... Moderate Unreviewed
CVE-2025-59510 was published Nov 11, 2025
Improper link resolution before file access ('link following') for some Intel(R) Server... Moderate Unreviewed
CVE-2025-24918 was published Nov 11, 2025
The ACAP Application framework could allow privilege escalation through a symlink attack. This... Moderate Unreviewed
CVE-2025-5718 was published Nov 11, 2025
A privilege escalation vulnerability was identified in GitHub Enterprise Server that allowed an... High Unreviewed
CVE-2025-11578 was published Nov 11, 2025
Potential Denial of Service issue in all supported versions of Revenera InstallShield version... Moderate Unreviewed
CVE-2025-12418 was published Nov 8, 2025
KubeVirt Isolation Detection Flaw Allows Arbitrary File Permission Changes Moderate
CVE-2025-64437 was published for github.com/kubevirt/kubevirt (Go) Nov 6, 2025
mihailkirov Faeris95
xpivarc
Credited to mihailkirov, Faeris95, and xpivarc
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS... Moderate Unreviewed
CVE-2025-43446 was published Nov 4, 2025
This issue was addressed with improved validation of symlinks. This issue is fixed in visionOS 26... Moderate Unreviewed
CVE-2025-43448 was published Nov 4, 2025
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma... Moderate Unreviewed
CVE-2025-43394 was published Nov 4, 2025
This issue was addressed with improved validation of symlinks. This issue is fixed in visionOS 26... Moderate Unreviewed
CVE-2025-43379 was published Nov 4, 2025
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma... Low Unreviewed
CVE-2025-43395 was published Nov 4, 2025
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS... Moderate Unreviewed
CVE-2025-43288 was published Nov 4, 2025
Razer Synapse 3 Chroma Connect Link Following Local Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2025-9871 was published Oct 29, 2025
Razer Synapse 3 Macro Module Link Following Local Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2025-9869 was published Oct 29, 2025
Razer Synapse 3 RazerPhilipsHueUninstall Link Following Local Privilege Escalation Vulnerability.... High Unreviewed
CVE-2025-9870 was published Oct 29, 2025
A vulnerability was detected in ermig1979 AntiDupl up to 2.3.12. Impacted is an unknown function... High Unreviewed
CVE-2025-12341 was published Oct 28, 2025
Git LFS may write to arbitrary files via crafted symlinks High
CVE-2025-26625 was published for github.com/git-lfs/git-lfs (Go) Oct 17, 2025
Microsoft Security Advisory CVE-2025-55247 | .NET Denial of Service Vulnerability High
CVE-2025-55247 was published for Microsoft.Build (NuGet) Oct 15, 2025
rbhanda
Credited to rbhanda
Improper link resolution before file access ('link following') in XBox Gaming Services allows an... High Unreviewed
CVE-2025-59281 was published Oct 14, 2025
Improper link resolution before file access ('link following') in Windows Health and Optimized... High Unreviewed
CVE-2025-59241 was published Oct 14, 2025
Duplicate Advisory: Microsoft Security Advisory CVE-2025-55247 | .NET Denial of Service Vulnerability High
GHSA-q8g5-rw97-f55h was published for Microsoft.Build.Tasks.Core (NuGet) Oct 14, 2025 withdrawn
A link following vulnerability exists in the UnifyScanner component of Armoury Crate. This... High Unreviewed
CVE-2025-9968 was published Oct 13, 2025
A security vulnerability has been detected in wonderwhy-er DesktopCommanderMCP up to 0.2.13. This... Low Unreviewed
CVE-2025-11489 was published Oct 8, 2025
Improper Link Resolution Before File Access in the AWS VPN Client for macOS versions 1.3.2- 5.2.0... Critical Unreviewed
CVE-2025-11462 was published Oct 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database