Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

475 advisories

Loading
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS... Moderate Unreviewed
CVE-2025-31198 was published May 30, 2025
A link-manipulation issue was discovered in Mega HOPEX 15.2.0.6110 before V5CP4. Moderate Unreviewed
CVE-2022-38482 was published Jan 10, 2023
Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Passwordless... Moderate Unreviewed
CVE-2025-2102 was published May 21, 2025
The configuration initialization tool in OpenVPN 3 Linux v20 through v24 on Linux allows a local... Moderate Unreviewed
CVE-2025-3908 was published May 19, 2025
VMware Tools contains an insecure file handling vulnerability. A malicious actor with non... Moderate Unreviewed
CVE-2025-22247 was published May 12, 2025
Improper link resolution before file access ('link following') in Windows Installer allows an... Moderate Unreviewed
CVE-2025-29837 was published May 13, 2025
foo2zjs before 20110722dfsg-3ubuntu1 as packaged in Ubuntu, 20110722dfsg-1 as packaged in Debian... Moderate Unreviewed
CVE-2011-2684 was published May 17, 2022
A vulnerability in the web-based UI of Cisco Unified Communications Manager could allow an... Moderate Unreviewed
CVE-2017-12258 was published May 13, 2022
mktexlsr revision 22855 through revision 36625 as packaged in texlive allows local users to write... Moderate Unreviewed
CVE-2015-5700 was published May 14, 2022
A potential security vulnerability has been identified in the HP Touchpoint Analytics Service for... Moderate Unreviewed
CVE-2025-1697 was published Apr 18, 2025
Dell Trusted Device, versions prior to 7.0.3.0, contain an Improper Link Resolution Before File... Moderate Unreviewed
CVE-2025-29983 was published Apr 15, 2025
Script Injection in Show In Browser gem Moderate
CVE-2013-2105 was published for show_in_browser (RubyGems) Oct 24, 2017
The abrt-hook-ccpp help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local... Moderate Unreviewed
CVE-2015-5287 was published May 17, 2022
Location Framework in Apple iOS before 8.4.1 allows local users to bypass intended restrictions... Moderate Unreviewed
CVE-2015-3759 was published May 17, 2022
The mountpoint_last function in fs/namei.c in the Linux kernel before 3.15.8 does not properly... Moderate Unreviewed
CVE-2014-5045 was published May 13, 2022
The (1) mkxmltype and (2) mkdtskel scripts in XML-DT before 0.64 allow local users to overwrite... Moderate Unreviewed
CVE-2014-5260 was published May 17, 2022
libodm.a in IBM AIX 6.1 and 7.1, and VIOS 2.2.x, allows local users to overwrite arbitrary files... Moderate Unreviewed
CVE-2014-3977 was published May 13, 2022
rss-newsfeed.php in Nagios Core 3.4.4, 3.5.1, and earlier, when MAGPIE_CACHE_ON is set to 1,... Moderate Unreviewed
CVE-2013-4214 was published May 17, 2022
(1) contrib/gforge-3.0-cronjobs.patch, (2) cronjobs/homedirs.php, (3) deb-specific/fileforge.pl, ... Moderate Unreviewed
CVE-2013-1423 was published May 17, 2022
The Debian GNU/Linux /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete... Moderate Unreviewed
CVE-2011-0441 was published May 17, 2022
The FileUtils.remove_entry_secure method in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330... Moderate Unreviewed
CVE-2011-1004 was published May 17, 2022
FUSE, possibly 2.8.5 and earlier, allows local users to create mtab entries with arbitrary... Moderate Unreviewed
CVE-2010-3879 was published May 13, 2022
elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) through 2.11.2, and 2.12.x... Moderate Unreviewed
CVE-2010-3847 was published May 14, 2022
client/mount.cifs.c in mount.cifs in smbfs in Samba 3.0.22, 3.0.28a, 3.2.3, 3.3.2, 3.4.0, and 3.4... Moderate Unreviewed
CVE-2010-0787 was published May 2, 2022
The pa_make_secure_dir function in core-util.c in PulseAudio 0.9.10 and 0.9.19 allows local users... Moderate Unreviewed
CVE-2009-1299 was published May 2, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database