Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

493 advisories

Loading
Potential Denial of Service issue in all supported versions of Revenera InstallShield version... Moderate Unreviewed
CVE-2025-12418 was published Nov 8, 2025
KubeVirt Isolation Detection Flaw Allows Arbitrary File Permission Changes Moderate
CVE-2025-64437 was published for github.com/kubevirt/kubevirt (Go) Nov 6, 2025
mihailkirov Faeris95
Credited to mihailkirov and Faeris95
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS... Moderate Unreviewed
CVE-2025-43446 was published Nov 4, 2025
This issue was addressed with improved validation of symlinks. This issue is fixed in visionOS 26... Moderate Unreviewed
CVE-2025-43448 was published Nov 4, 2025
This issue was addressed with improved validation of symlinks. This issue is fixed in visionOS 26... Moderate Unreviewed
CVE-2025-43379 was published Nov 4, 2025
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma... Moderate Unreviewed
CVE-2025-43394 was published Nov 4, 2025
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS... Moderate Unreviewed
CVE-2025-43288 was published Nov 4, 2025
Improper handling of symbolic links in the TeamViewer Full Client and Host for Windows — in... Moderate Unreviewed
CVE-2025-41421 was published Oct 1, 2025
pip's fallback tar extraction doesn't check symbolic links point to extraction directory Moderate
CVE-2025-8869 was published for pip (pip) Sep 24, 2025
cai0duque bentasker
swils23 ichard26
Credited to cai0duque, bentasker, swils23, and ichard26
Dell Alienware Command Center 5.x (AWCC), versions prior to 5.10.2.0, contains an Improper Link... Moderate Unreviewed
CVE-2025-43726 was published Sep 2, 2025
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia... Moderate Unreviewed
CVE-2024-54554 was published Aug 29, 2025
n8n symlink traversal vulnerability in "Read/Write File" node allows access to restricted files Moderate
CVE-2025-57749 was published for n8n (npm) Aug 20, 2025
Mahmoud0x00
Credited to Mahmoud0x00
A potential security vulnerability has been identified in the HPAudioAnalytics service included... Moderate Unreviewed
CVE-2025-43490 was published Aug 15, 2025
This issue was addressed by adding an additional prompt for user consent. This issue is fixed in... Moderate Unreviewed
CVE-2025-43252 was published Jul 30, 2025
Improper link resolution before file access ('link following') in Service Fabric allows an... Moderate Unreviewed
CVE-2025-21195 was published Jul 8, 2025
A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local... Moderate Unreviewed
CVE-2025-30642 was published Jun 17, 2025
os.OpenFile(path, os.O_CREATE|O_EXCL) behaved differently on Unix and Windows systems when the... Moderate Unreviewed
CVE-2025-0913 was published Jun 11, 2025
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS... Moderate Unreviewed
CVE-2025-31198 was published May 30, 2025
Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Passwordless... Moderate Unreviewed
CVE-2025-2102 was published May 21, 2025
The configuration initialization tool in OpenVPN 3 Linux v20 through v24 on Linux allows a local... Moderate Unreviewed
CVE-2025-3908 was published May 19, 2025
Improper link resolution before file access ('link following') in Windows Installer allows an... Moderate Unreviewed
CVE-2025-29837 was published May 13, 2025
VMware Tools contains an insecure file handling vulnerability. A malicious actor with non... Moderate Unreviewed
CVE-2025-22247 was published May 12, 2025
A potential security vulnerability has been identified in the HP Touchpoint Analytics Service for... Moderate Unreviewed
CVE-2025-1697 was published Apr 18, 2025
Dell Trusted Device, versions prior to 7.0.3.0, contain an Improper Link Resolution Before File... Moderate Unreviewed
CVE-2025-29983 was published Apr 15, 2025
An Improper Link Resolution Before File Access ('Link Following') vulnerability in SonicWall... Moderate Unreviewed
CVE-2025-23010 was published Apr 10, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database