GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
442 advisories
Dell Alienware Command Center 5.x (AWCC), versions prior to 5.10.2.0, contains an Improper Link...
Moderate | Unreviewed | CVE-2025-43726 was published Sep 2, 2025

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia...
Moderate | Unreviewed | CVE-2024-54554 was published Aug 29, 2025

A potential security vulnerability has been identified in the HPAudioAnalytics service included...
Moderate | Unreviewed | CVE-2025-43490 was published Aug 15, 2025

os.OpenFile(path, os.O_CREATE|O_EXCL) behaved differently on Unix and Windows systems when the...
Moderate | Unreviewed | CVE-2025-0913 was published Jun 11, 2025

_is_safe in the File::Temp module for Perl does not properly handle symlinks.
Moderate | Unreviewed | CVE-2011-4116 was published Apr 22, 2022

This issue was addressed by adding an additional prompt for user consent. This issue is fixed in...
Moderate | Unreviewed | CVE-2025-43252 was published Jul 30, 2025

Improper link resolution before file access ('link following') in Service Fabric allows an...
Moderate | Unreviewed | CVE-2025-21195 was published Jul 8, 2025

A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local...
Moderate | Unreviewed | CVE-2025-30642 was published Jun 17, 2025

cpio, as used in build 2007.05.10, 2010.07.28, and possibly other versions, allows remote...
Moderate | Unreviewed | CVE-2010-4226 was published May 17, 2022

This issue was addressed with improved validation of symlinks. This issue is fixed in macOS...
Moderate | Unreviewed | CVE-2025-31198 was published May 30, 2025

A link-manipulation issue was discovered in Mega HOPEX 15.2.0.6110 before V5CP4.
Moderate | Unreviewed | CVE-2022-38482 was published Jan 10, 2023

Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Passwordless...
Moderate | Unreviewed | CVE-2025-2102 was published May 21, 2025

The configuration initialization tool in OpenVPN 3 Linux v20 through v24 on Linux allows a local...
Moderate | Unreviewed | CVE-2025-3908 was published May 19, 2025

VMware Tools contains an insecure file handling vulnerability. A malicious actor with non...
Moderate | Unreviewed | CVE-2025-22247 was published May 12, 2025

Improper link resolution before file access ('link following') in Windows Installer allows an...
Moderate | Unreviewed | CVE-2025-29837 was published May 13, 2025

foo2zjs before 20110722dfsg-3ubuntu1 as packaged in Ubuntu, 20110722dfsg-1 as packaged in Debian...
Moderate | Unreviewed | CVE-2011-2684 was published May 17, 2022

A vulnerability in the web-based UI of Cisco Unified Communications Manager could allow an...
Moderate | Unreviewed | CVE-2017-12258 was published May 13, 2022

mktexlsr revision 22855 through revision 36625 as packaged in texlive allows local users to write...
Moderate | Unreviewed | CVE-2015-5700 was published May 14, 2022

A potential security vulnerability has been identified in the HP Touchpoint Analytics Service for...
Moderate | Unreviewed | CVE-2025-1697 was published Apr 18, 2025

Dell Trusted Device, versions prior to 7.0.3.0, contain an Improper Link Resolution Before File...
Moderate | Unreviewed | CVE-2025-29983 was published Apr 15, 2025

The abrt-hook-ccpp help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local...
Moderate | Unreviewed | CVE-2015-5287 was published May 17, 2022

Location Framework in Apple iOS before 8.4.1 allows local users to bypass intended restrictions...
Moderate | Unreviewed | CVE-2015-3759 was published May 17, 2022

The mountpoint_last function in fs/namei.c in the Linux kernel before 3.15.8 does not properly...
Moderate | Unreviewed | CVE-2014-5045 was published May 13, 2022

The (1) mkxmltype and (2) mkdtskel scripts in XML-DT before 0.64 allow local users to overwrite...
Moderate | Unreviewed | CVE-2014-5260 was published May 17, 2022

libodm.a in IBM AIX 6.1 and 7.1, and VIOS 2.2.x, allows local users to overwrite arbitrary files...
Moderate | Unreviewed | CVE-2014-3977 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.