GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,966
Composer 5,074
Erlang 39
GitHub Actions 38
Go 2,737
Maven 6,146
npm 4,337
NuGet 764
pip 4,112
Pub 12
RubyGems 960
Rust 1,068
Swift 45

Unreviewed advisories

All unreviewed 279,859

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

512 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

CWE-59: Improper Link Resolution Before File Access ('Link Following') vulnerability exists that... High Unreviewed

CVE-2025-5296 was published Aug 18, 2025

AOMEI Backupper Workstation Link Following Local Privilege Escalation Vulnerability. This... High Unreviewed

CVE-2025-8612 was published Aug 20, 2025

A path collision and arbitrary code execution vulnerability was identified in GitHub Enterprise... High Unreviewed

CVE-2024-10007 was published Nov 7, 2024

HashiCorp go-getter Vulnerable to Symlink Attacks High

CVE-2025-8959 was published for github.com/hashicorp/go-getter (Go) Aug 15, 2025

A link following vulnerability in the Trend Micro Apex One scan engine could allow a local... High Unreviewed

CVE-2025-49156 was published Jun 17, 2025

A link following vulnerability in the Trend Micro Apex One Damage Cleanup Engine could allow a... High Unreviewed

CVE-2025-49157 was published Jun 17, 2025

Improper link resolution before file access ('link following') in Microsoft AutoUpdate (MAU)... High Unreviewed

CVE-2025-55317 was published Sep 9, 2025

Improper link resolution before file access ('link following') in Xbox allows an authorized... High Unreviewed

CVE-2025-55245 was published Sep 9, 2025

Improper link resolution before file access ('link following') in Windows Update Service allows... High Unreviewed

CVE-2025-48799 was published Jul 8, 2025

A link following vulnerability has been reported to affect several QNAP operating system versions... High Unreviewed

CVE-2024-53691 was published Dec 6, 2024

Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.843 and... High Unreviewed

CVE-2025-34191 was published Sep 19, 2025

Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (Windows client... High Unreviewed

CVE-2025-34194 was published Sep 19, 2025

Trend Micro Password Manager (Consumer) version 5.8.0.1327 and below is vulnerable to a Link... High Unreviewed

CVE-2025-52837 was published Jul 10, 2025

A link following vulnerability exists in the UnifyScanner component of Armoury Crate. This... High Unreviewed

CVE-2025-9968 was published Oct 13, 2025

Link Following Local Privilege Escalation Vulnerability in NortonUtilitiesSvc in Norton Utilities... High Unreviewed

CVE-2024-13944 was published May 9, 2025

Improper link resolution before file access ('link following') in Windows Health and Optimized... High Unreviewed

CVE-2025-59241 was published Oct 14, 2025

Improper link resolution before file access ('link following') in XBox Gaming Services allows an... High Unreviewed

CVE-2025-59281 was published Oct 14, 2025

GPT Academic version 3.83 is vulnerable to a Local File Read (LFI) vulnerability through its... High Unreviewed

CVE-2024-10986 was published Mar 20, 2025

mudler/LocalAI version 2.17.1 allows for arbitrary file write due to improper handling of... High Unreviewed

CVE-2024-6868 was published Oct 29, 2024

A vulnerability in binary-husky/gpt_academic version git 310122f allows for remote code execution... High Unreviewed

CVE-2024-12390 was published Mar 20, 2025

GluonCV Arbitrary File Write via TarSlip High

CVE-2024-12216 was published for gluoncv (pip) Mar 20, 2025

Duplicate Advisory: Microsoft Security Advisory CVE-2025-55247 | .NET Denial of Service Vulnerability High

GHSA-q8g5-rw97-f55h was published for Microsoft.Build.Tasks.Core (NuGet) Oct 14, 2025 • withdrawn

Git LFS may write to arbitrary files via crafted symlinks High

CVE-2025-26625 was published for github.com/git-lfs/git-lfs (Go) Oct 17, 2025

An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC)... High Unreviewed

CVE-2019-0841 was published May 13, 2022

An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC)... High Unreviewed

CVE-2019-1064 was published May 24, 2022

Previous 1…19…21 Next

Previous 1 2 … 17 18 19 20 21 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

512 advisories