Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,115
Maven
5,000+
npm
3,767
NuGet
680
pip
3,456
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

416 advisories

Loading
Dell Client Platform Firmware Update Utility contains an Improper Link Resolution vulnerability.... Moderate Unreviewed
CVE-2024-52537 was published Dec 11, 2024
Dell AppSync, version 4.6.0.x, contain a Symbolic Link (Symlink) Following vulnerability. A low... Moderate Unreviewed
CVE-2024-52542 was published Dec 17, 2024
Docker Desktop for Windows before 4.6 allows attackers to overwrite any file through the... Moderate Unreviewed
CVE-2022-38730 was published Apr 27, 2023
This issue was addressed with improved handling of symlinks. This issue is fixed in iPadOS 17.7.4... Moderate Unreviewed
CVE-2025-24104 was published Jan 28, 2025
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS... Moderate Unreviewed
CVE-2025-24136 was published Jan 28, 2025
An arbitrary file deletion vulnerability exists in PaperCut NG/MF that only affects Windows... Moderate Unreviewed
CVE-2024-3037 was published May 14, 2024
** DISPUTED ** init in initramfs-tools 0.92f allows local users to overwrite arbitrary files via... Moderate Unreviewed
CVE-2008-4996 was published May 17, 2022
Windows Event Tracing Denial of Service Vulnerability Moderate Unreviewed
CVE-2025-21274 was published Jan 14, 2025
Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x contains an UNIX symbolic link (symlink)... Moderate Unreviewed
CVE-2024-25953 was published Mar 28, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an UNIX symbolic link (symlink)... Moderate Unreviewed
CVE-2024-25952 was published Mar 28, 2024
Foxit PDF Reader Link Following Local Privilege Escalation Vulnerability. This vulnerability... Moderate Unreviewed
CVE-2024-12753 was published Dec 30, 2024
AnyDesk Link Following Information Disclosure Vulnerability. This vulnerability allows local... Moderate Unreviewed
CVE-2024-12754 was published Dec 30, 2024
gitingest before 9996a06 mishandles symbolic links that point outside of the base directory. Moderate Unreviewed
CVE-2024-56074 was published Dec 15, 2024
A link following vulnerability has been reported to affect Qsync Central. If exploited, the... Moderate Unreviewed
CVE-2024-50404 was published Dec 6, 2024
Various problems in obs-scm-bridge allows attackers that create specially crafted git... Moderate Unreviewed
CVE-2024-22038 was published Nov 28, 2024
AVG AntiVirus Free icarus Arbitrary File Creation Denial of Service Vulnerability. This... Moderate Unreviewed
CVE-2024-7236 was published Nov 23, 2024
AVG AntiVirus Free Link Following Denial-of-Service Vulnerability. This vulnerability allows... Moderate Unreviewed
CVE-2024-7235 was published Nov 23, 2024
Avast Free Antivirus Link Following Denial-of-Service Vulnerability. This vulnerability allows... Moderate Unreviewed
CVE-2024-7228 was published Nov 23, 2024
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could... Moderate Unreviewed
CVE-2021-1491 was published Nov 15, 2024
Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated... Moderate Unreviewed
CVE-2023-20004 was published Nov 15, 2024
Windows Cleanup Manager Elevation of Privilege Vulnerability. Moderate Unreviewed
CVE-2022-21838 was published Jan 12, 2022
A vulnerability was found in Performance Co-Pilot (PCP). This flaw can only be exploited if an... Moderate Unreviewed
CVE-2024-45770 was published Sep 19, 2024
A vulnerability was found in GNU Nano that allows a possible privilege escalation through an... Moderate Unreviewed
CVE-2024-5742 was published Jun 12, 2024
The Improper link resolution before file access ('Link Following') vulnerability in SonicWall... Moderate Unreviewed
CVE-2024-45315 was published Oct 11, 2024
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS... Moderate Unreviewed
CVE-2024-44264 was published Oct 28, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database