Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

438 advisories

Loading
Improper link resolution before file access ('link following') in Xbox allows an authorized... High Unreviewed
CVE-2025-55245 was published Sep 9, 2025
Improper link resolution before file access ('link following') in Microsoft AutoUpdate (MAU)... High Unreviewed
CVE-2025-55317 was published Sep 9, 2025
AOMEI Backupper Workstation Link Following Local Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2025-8612 was published Aug 20, 2025
CWE-59: Improper Link Resolution Before File Access ('Link Following') vulnerability exists that... High Unreviewed
CVE-2025-5296 was published Aug 18, 2025
Dell Encryption and Dell Security Management Server, versions prior to 11.11.0, contain an... High Unreviewed
CVE-2025-36611 was published Jul 30, 2025
NVIDIA Container Toolkit for all platforms contains a vulnerability in the update-ldcache hook,... High Unreviewed
CVE-2025-23267 was published Jul 17, 2025
An issue in Cato Networks' CatoClient for Linux, before version 5.5, allows a local attacker to... High Unreviewed
CVE-2025-7012 was published Jul 13, 2025
Improper link resolution before file access ('link following') in Visual Studio allows an... High Unreviewed
CVE-2025-49739 was published Jul 8, 2025
Improper link resolution before file access ('link following') in Microsoft PC Manager allows an... High Unreviewed
CVE-2025-49738 was published Jul 8, 2025
Improper link resolution before file access ('link following') in Windows Performance Recorder... High Unreviewed
CVE-2025-49680 was published Jul 8, 2025
Improper link resolution before file access ('link following') in Windows AppX Deployment Service... High Unreviewed
CVE-2025-48820 was published Jul 8, 2025
Improper link resolution before file access ('link following') in Windows Update Service allows... High Unreviewed
CVE-2025-48799 was published Jul 8, 2025
A low privileged remote attacker with file access can replace a critical file used by the... High Unreviewed
CVE-2025-41666 was published Jul 8, 2025
A low privileged remote attacker with file access can replace a critical file or folder used by... High Unreviewed
CVE-2025-41668 was published Jul 8, 2025
A low privileged remote attacker with file access can replace a critical file used by the arp... High Unreviewed
CVE-2025-41667 was published Jul 8, 2025
A path or symbolic link manipulation vulnerability in SIR 1.0.3 and prior versions allows an... High Unreviewed
CVE-2025-3771 was published Jun 26, 2025
A link following vulnerability in the anti-malware solution portion of Trend Micro Deep Security... High Unreviewed
CVE-2025-30641 was published Jun 17, 2025
A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local... High Unreviewed
CVE-2025-30640 was published Jun 17, 2025
A link following vulnerability in the Trend Micro Apex One scan engine could allow a local... High Unreviewed
CVE-2025-49156 was published Jun 17, 2025
A link following vulnerability in the Trend Micro Apex One Damage Cleanup Engine could allow a... High Unreviewed
CVE-2025-49157 was published Jun 17, 2025
Improper link resolution before file access ('link following') in Windows Installer allows an... High Unreviewed
CVE-2025-33075 was published Jun 10, 2025
Improper link resolution before file access ('link following') in Windows Recovery Driver allows... High Unreviewed
CVE-2025-32721 was published Jun 10, 2025
2BrightSparks SyncBackFree Link Following Local Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2025-5474 was published Jun 6, 2025
A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop... High Unreviewed
CVE-2024-54189 was published Jun 3, 2025
A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop... High Unreviewed
CVE-2024-52561 was published Jun 3, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database