GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,295
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,107
Rust
1,492
Swift
61
Unreviewed advisories
All unreviewed
5,000+
56 advisories
Filter by severity
@npmcli/arborist vulnerable to UNIX Symbolic Link (Symlink) Following
High
CVE-2021-39134
was published
for
@npmcli/arborist
(npm)
Aug 31, 2021
A UNIX Symbolic Link (Symlink) Following vulnerability in the systemd service file for watchman...
High
Unreviewed
CVE-2022-21944
was published
Jan 27, 2022
a UNIX Symbolic Link (Symlink) Following vulnerability in python-postorius of openSUSE Leap 15.2,...
High
Unreviewed
CVE-2021-31997
was published
May 24, 2022
A UNIX Symbolic Link (Symlink) Following vulnerability in the clone-master-clean-up.sh script of...
High
Unreviewed
CVE-2021-32000
was published
May 24, 2022
A vulnerability in share_link in QSAN Storage Manager allows remote attackers to create a...
High
Unreviewed
CVE-2021-32518
was published
May 24, 2022
A UNIX Symbolic Link (Symlink) Following vulnerability in python-HyperKitty of openSUSE Leap 15.2...
High
Unreviewed
CVE-2021-25322
was published
May 24, 2022
A UNIX Symbolic Link (Symlink) Following vulnerability in arpwatch of SUSE Linux Enterprise...
High
Unreviewed
CVE-2021-25321
was published
May 24, 2022
Pterodactyl Wings contains UNIX Symbolic Link (Symlink) Following
High
CVE-2023-25152
was published
for
github.com/pterodactyl/wings
(Go)
Feb 8, 2023
Insecure UNIX Symbolic Link (Symlink) Following in TeamViewer Remote Client prior Version 15.52...
High
Unreviewed
CVE-2024-1933
was published
Mar 26, 2024
OpenVPN Connect installer for macOS version 3.2.6 and older may corrupt system critical files it...
High
Unreviewed
CVE-2020-15075
was published
May 24, 2022
An issue discovered in 360 Total Security Antivirus through 11.0.0.1061 for Windows allows...
High
Unreviewed
CVE-2024-22014
was published
Apr 15, 2024
An arbitrary file deletion in ZSATrayManager where it protects the temporary encrypted ZApp...
High
Unreviewed
CVE-2023-41969
was published
Mar 26, 2024
Dell SupportAssist for Home PCs versions 4.6.1 and prior and Dell SupportAssist for Business PCs...
High
Unreviewed
CVE-2024-52535
was published
Dec 25, 2024
Dell Inventory Collector Client, versions prior to 12.7.0, contains an Improper Link Resolution...
High
Unreviewed
CVE-2024-47480
was published
Dec 18, 2024
A vulnerability was found in Pagure. Support of symbolic links during repository archiving of...
High
Unreviewed
CVE-2024-47515
was published
Dec 24, 2024
Dell SupportAssist OS Recovery versions prior to 5.5.13.1 contain a symbolic link attack...
High
Unreviewed
CVE-2025-22480
was published
Feb 13, 2025
UNIX Symbolic Link (Symlink) Following in @npmcli/arborist
High
CVE-2021-39135
was published
for
@npmcli/arborist
(npm)
Aug 31, 2021
zip Incorrectly Canonicalizes Paths during Archive Extraction Leading to Arbitrary File Write
High
CVE-2025-29787
was published
for
zip
(Rust)
Mar 17, 2025
Client RCE on macOS and Linux via improper symbolic link resolution in Google Web Designer's...
High
Unreviewed
CVE-2025-1079
was published
May 12, 2025
Using Codex CLI in workspace-write mode inside a malicious context (repo, directory, etc) could...
High
Unreviewed
CVE-2025-55345
was published
Aug 13, 2025
Youki: If /proc and /sys in the rootfs are symbolic links, they can potentially be exploited to gain access to the host root filesystem.
High
CVE-2025-54867
was published
for
youki
(Rust)
Aug 14, 2025
The txtai framework allows the loading of compressed tar files as embedding indices. While the...
High
Unreviewed
CVE-2025-10854
was published
Sep 22, 2025
tar-fs has a symlink validation bypass if destination directory is predictable with a specific tarball
High
CVE-2025-59343
was published
for
tar-fs
(npm)
Sep 24, 2025
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia...
High
Unreviewed
CVE-2024-44132
was published
Sep 17, 2024
ProTip!
Advisories are also available from the
GraphQL API