Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,968
Erlang
39
GitHub Actions
38
Go
2,616
Maven
5,000+
npm
4,255
NuGet
760
pip
4,040
Pub
12
RubyGems
953
Rust
1,050
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

17 advisories

Loading
Improper Link Resolution Before File Access in the AWS VPN Client for macOS versions 1.3.2- 5.2.0... Critical Unreviewed
CVE-2025-11462 was published Oct 7, 2025
This issue was addressed with improved validation of symlinks. This issue is fixed in iPadOS 17.7... Critical Unreviewed
CVE-2025-43220 was published Jul 30, 2025
Improper Link Resolution Before File Access ('Link Following') vulnerability in yrutschle sslh... Critical Unreviewed
CVE-2025-52936 was published Jun 23, 2025
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS... Critical Unreviewed
CVE-2025-30457 was published Apr 1, 2025
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS... Critical Unreviewed
CVE-2025-24278 was published Apr 1, 2025
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia... Critical Unreviewed
CVE-2025-24242 was published Apr 1, 2025
Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack... Critical Unreviewed
CVE-2024-37143 was published Dec 10, 2024
An arbitrary file overwrite vulnerability in NoMachine Free Edition and Enterprise Client for... Critical Unreviewed
CVE-2023-39107 was published Aug 4, 2023
Certain HP Print products and Digital Sending products may be vulnerable to potential remote code... Critical Unreviewed
CVE-2021-3942 was published Dec 12, 2022
There is a broken access control vulnerability in ZTE ZXvSTB product. Due to improper permission... Critical Unreviewed
CVE-2022-23144 was published Sep 25, 2022
The container package in MikroTik RouterOS 7.4beta4 allows an attacker to create mount points... Critical Unreviewed
CVE-2022-34960 was published Aug 26, 2022
ZipSlip vulnerability in bblfshd Critical Unreviewed
CVE-2021-32825 was published May 24, 2022
An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows attackers to... Critical Unreviewed
CVE-2021-38570 was published May 24, 2022
Privilege escalation via arbitrary file write in pritunl electron client 1.0.1116.6 through v1.2... Critical Unreviewed
CVE-2020-25989 was published May 24, 2022
In browser editing in Atlassian Bitbucket Server from version 4.13.0 before 5.4.8 (the fixed... Critical Unreviewed
CVE-2018-5225 was published May 14, 2022
In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4... Critical Unreviewed
CVE-2017-1002101 was published May 13, 2022
The combination of primitives offered by SMB and AFP in their default configuration allows the... Critical Unreviewed
CVE-2022-22995 was published Mar 27, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database