Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,963
Erlang
39
GitHub Actions
38
Go
2,615
Maven
5,000+
npm
4,255
NuGet
760
pip
4,036
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,188 advisories

Loading
Razer Synapse 3 Macro Module Link Following Local Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2025-9869 was published Oct 29, 2025
Razer Synapse 3 RazerPhilipsHueUninstall Link Following Local Privilege Escalation Vulnerability.... High Unreviewed
CVE-2025-9870 was published Oct 29, 2025
Razer Synapse 3 Chroma Connect Link Following Local Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2025-9871 was published Oct 29, 2025
A vulnerability was detected in ermig1979 AntiDupl up to 2.3.12. Impacted is an unknown function... High Unreviewed
CVE-2025-12341 was published Oct 28, 2025
Git LFS may write to arbitrary files via crafted symlinks High
CVE-2025-26625 was published for github.com/git-lfs/git-lfs (Go) Oct 17, 2025
Microsoft Security Advisory CVE-2025-55247 | .NET Denial of Service Vulnerability High
CVE-2025-55247 was published for Microsoft.Build (NuGet) Oct 15, 2025
rbhanda
Credited to rbhanda
Improper link resolution before file access ('link following') in XBox Gaming Services allows an... High Unreviewed
CVE-2025-59281 was published Oct 14, 2025
Improper link resolution before file access ('link following') in Windows Health and Optimized... High Unreviewed
CVE-2025-59241 was published Oct 14, 2025
Duplicate Advisory: Microsoft Security Advisory CVE-2025-55247 | .NET Denial of Service Vulnerability High
GHSA-q8g5-rw97-f55h was published for Microsoft.Build.Tasks.Core (NuGet) Oct 14, 2025 withdrawn
A link following vulnerability exists in the UnifyScanner component of Armoury Crate. This... High Unreviewed
CVE-2025-9968 was published Oct 13, 2025
A security vulnerability has been detected in wonderwhy-er DesktopCommanderMCP up to 0.2.13. This... Low Unreviewed
CVE-2025-11489 was published Oct 8, 2025
Improper Link Resolution Before File Access in the AWS VPN Client for macOS versions 1.3.2- 5.2.0... Critical Unreviewed
CVE-2025-11462 was published Oct 7, 2025
Improper handling of symbolic links in the TeamViewer Full Client and Host for Windows — in... Moderate Unreviewed
CVE-2025-41421 was published Oct 1, 2025
pip's fallback tar extraction doesn't check symbolic links point to extraction directory Moderate
CVE-2025-8869 was published for pip (pip) Sep 24, 2025
cai0duque bentasker
swils23 ichard26
Credited to cai0duque, bentasker, swils23, and ichard26
Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (Windows client... High Unreviewed
CVE-2025-34194 was published Sep 19, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.843 and... High Unreviewed
CVE-2025-34191 was published Sep 19, 2025
Improper link resolution before file access ('link following') in Microsoft AutoUpdate (MAU)... High Unreviewed
CVE-2025-55317 was published Sep 9, 2025
Improper link resolution before file access ('link following') in Xbox allows an authorized... High Unreviewed
CVE-2025-55245 was published Sep 9, 2025
Dell Alienware Command Center 5.x (AWCC), versions prior to 5.10.2.0, contains an Improper Link... Moderate Unreviewed
CVE-2025-43726 was published Sep 2, 2025
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia... Moderate Unreviewed
CVE-2024-54554 was published Aug 29, 2025
n8n symlink traversal vulnerability in "Read/Write File" node allows access to restricted files Moderate
CVE-2025-57749 was published for n8n (npm) Aug 20, 2025
Mahmoud0x00
Credited to Mahmoud0x00
AOMEI Backupper Workstation Link Following Local Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2025-8612 was published Aug 20, 2025
CWE-59: Improper Link Resolution Before File Access ('Link Following') vulnerability exists that... High Unreviewed
CVE-2025-5296 was published Aug 18, 2025
HashiCorp go-getter Vulnerable to Symlink Attacks High
CVE-2025-8959 was published for github.com/hashicorp/go-getter (Go) Aug 15, 2025
A potential security vulnerability has been identified in the HPAudioAnalytics service included... Moderate Unreviewed
CVE-2025-43490 was published Aug 15, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database