Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

37 advisories

Loading
Dell Inventory Collector Client, versions prior to 12.7.0, contains an Improper Link Resolution... High Unreviewed
CVE-2024-47480 was published Dec 18, 2024
Dell AppSync, version 4.6.0.x, contain a Symbolic Link (Symlink) Following vulnerability. A low... Moderate Unreviewed
CVE-2024-52542 was published Dec 17, 2024
Dell Client Platform Firmware Update Utility contains an Improper Link Resolution vulnerability.... Moderate Unreviewed
CVE-2024-52537 was published Dec 11, 2024
Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated... Moderate Unreviewed
CVE-2023-20092 was published Nov 15, 2024
A vulnerability in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated,... Moderate Unreviewed
CVE-2023-20091 was published Nov 15, 2024
Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated... Moderate Unreviewed
CVE-2023-20093 was published Nov 15, 2024
Sensitive information disclosure during file browsing due to improper soft link handling. The... Low Unreviewed
CVE-2024-34015 was published Nov 11, 2024
Arbitrary file overwrite during recovery due to improper soft link handling. The following... Moderate Unreviewed
CVE-2024-34014 was published Nov 11, 2024
NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a... Moderate Unreviewed
CVE-2024-0134 was published Nov 5, 2024
Extract has insufficient checks allowing attacker to create symlinks outside the extraction directory. Moderate
CVE-2024-47877 was published for github.com/codeclysm/extract (Go) Oct 11, 2024
buglloc cmaglie
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia... High Unreviewed
CVE-2024-44132 was published Sep 17, 2024
runc can be confused to create empty files/directories on the host Moderate
CVE-2024-45310 was published for github.com/opencontainers/runc (Go) Sep 3, 2024
rata alban
cyphar sdowell
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.1 contains a UNIX symbolic link (symlink)... Moderate Unreviewed
CVE-2024-39578 was published Aug 31, 2024
In aiohttp, compressed files as symlinks are not protected from path traversal Moderate
CVE-2024-42367 was published for aiohttp (pip) Aug 9, 2024
steverep
An issue discovered in 360 Total Security Antivirus through 11.0.0.1061 for Windows allows... High Unreviewed
CVE-2024-22014 was published Apr 15, 2024
Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x contains an UNIX symbolic link (symlink)... Moderate Unreviewed
CVE-2024-25953 was published Mar 28, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an UNIX symbolic link (symlink)... Moderate Unreviewed
CVE-2024-25952 was published Mar 28, 2024
An arbitrary file deletion in ZSATrayManager where it protects the temporary encrypted ZApp... High Unreviewed
CVE-2023-41969 was published Mar 26, 2024
Insecure UNIX Symbolic Link (Symlink) Following in TeamViewer Remote Client prior Version 15.52... High Unreviewed
CVE-2024-1933 was published Mar 26, 2024
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma... High Unreviewed
CVE-2024-23285 was published Mar 8, 2024
Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server... Moderate Unreviewed
CVE-2023-39246 was published Nov 16, 2023
Pterodactyl Wings contains UNIX Symbolic Link (Symlink) Following High
CVE-2023-25152 was published for github.com/pterodactyl/wings (Go) Feb 8, 2023
astro-angelfish
A symlink following vulnerability was found in Samba, where a user can create a symbolic link... Moderate Unreviewed
CVE-2022-3592 was published Jan 12, 2023
binwalk vulnerable to UNIX Symbolic Link (Symlink) Following Moderate
CVE-2021-4287 was published for binwalk (pip) Dec 27, 2022
A UNIX Symbolic Link (Symlink) Following vulnerability in the clone-master-clean-up.sh script of... High Unreviewed
CVE-2021-32000 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database