GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,081
Composer 4,076
Erlang 29
GitHub Actions 19
Go 1,897
Maven 5,097
npm 3,630
NuGet 638
pip 3,244
Pub 10
RubyGems 862
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,415

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

15 advisories

Filter by severity

Sort by

Least recently updated

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia... High Unreviewed

CVE-2024-44132 was published Sep 17, 2024

An issue discovered in 360 Total Security Antivirus through 11.0.0.1061 for Windows allows... High Unreviewed

CVE-2024-22014 was published Apr 15, 2024

Insecure UNIX Symbolic Link (Symlink) Following in TeamViewer Remote Client prior Version 15.52... High Unreviewed

CVE-2024-1933 was published Mar 26, 2024

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma... High Unreviewed

CVE-2024-23285 was published Mar 8, 2024

Pterodactyl Wings contains UNIX Symbolic Link (Symlink) Following High

CVE-2023-25152 was published for github.com/pterodactyl/wings (Go) Feb 8, 2023

A UNIX Symbolic Link (Symlink) Following vulnerability in the clone-master-clean-up.sh script of... High Unreviewed

CVE-2021-32000 was published May 24, 2022

A vulnerability in share_link in QSAN Storage Manager allows remote attackers to create a... High Unreviewed

CVE-2021-32518 was published May 24, 2022

A UNIX Symbolic Link (Symlink) Following vulnerability in arpwatch of SUSE Linux Enterprise... High Unreviewed

CVE-2021-25321 was published May 24, 2022

A UNIX Symbolic Link (Symlink) Following vulnerability in python-HyperKitty of openSUSE Leap 15.2... High Unreviewed

CVE-2021-25322 was published May 24, 2022

a UNIX Symbolic Link (Symlink) Following vulnerability in python-postorius of openSUSE Leap 15.2,... High Unreviewed

CVE-2021-31997 was published May 24, 2022

OpenVPN Connect installer for macOS version 3.2.6 and older may corrupt system critical files it... High Unreviewed

CVE-2020-15075 was published May 24, 2022

A UNIX Symbolic Link (Symlink) Following vulnerability in the systemd service file for watchman... High Unreviewed

CVE-2022-21944 was published Jan 27, 2022

@npmcli/arborist vulnerable to UNIX Symbolic Link (Symlink) Following High

CVE-2021-39134 was published for @npmcli/arborist (npm) Aug 31, 2021

UNIX Symbolic Link (Symlink) Following in @npmcli/arborist High

CVE-2021-39135 was published for @npmcli/arborist (npm) Aug 31, 2021

Arbitrary File Write in npm High

CVE-2019-16775 was published for npm (npm) Dec 13, 2019

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

15 advisories