GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
38 advisories
Filter by severity
A vulnerability was found in Pagure. Support of symbolic links during repository archiving of...
High
Unreviewed
CVE-2024-47515
was published
Dec 24, 2024
Dell Inventory Collector Client, versions prior to 12.7.0, contains an Improper Link Resolution...
High
Unreviewed
CVE-2024-47480
was published
Dec 18, 2024
Dell AppSync, version 4.6.0.x, contain a Symbolic Link (Symlink) Following vulnerability. A low...
Moderate
Unreviewed
CVE-2024-52542
was published
Dec 17, 2024
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia...
High
Unreviewed
CVE-2024-44132
was published
Sep 17, 2024
Dell Client Platform Firmware Update Utility contains an Improper Link Resolution vulnerability....
Moderate
Unreviewed
CVE-2024-52537
was published
Dec 11, 2024
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma...
High
Unreviewed
CVE-2024-23285
was published
Mar 8, 2024
runc can be confused to create empty files/directories on the host
Moderate
CVE-2024-45310
was published
for
github.com/opencontainers/runc
(Go)
Sep 3, 2024
Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated...
Moderate
Unreviewed
CVE-2023-20093
was published
Nov 15, 2024
A vulnerability in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated,...
Moderate
Unreviewed
CVE-2023-20091
was published
Nov 15, 2024
Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated...
Moderate
Unreviewed
CVE-2023-20092
was published
Nov 15, 2024
Sensitive information disclosure during file browsing due to improper soft link handling. The...
Low
Unreviewed
CVE-2024-34015
was published
Nov 11, 2024
Arbitrary file overwrite during recovery due to improper soft link handling. The following...
Moderate
Unreviewed
CVE-2024-34014
was published
Nov 11, 2024
NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a...
Moderate
Unreviewed
CVE-2024-0134
was published
Nov 5, 2024
An arbitrary file deletion in ZSATrayManager where it protects the temporary encrypted ZApp...
High
Unreviewed
CVE-2023-41969
was published
Mar 26, 2024
Extract has insufficient checks allowing attacker to create symlinks outside the extraction directory.
Moderate
CVE-2024-47877
was published
for
github.com/codeclysm/extract
(Go)
Oct 11, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.1 contains a UNIX symbolic link (symlink)...
Moderate
Unreviewed
CVE-2024-39578
was published
Aug 31, 2024
An issue discovered in 360 Total Security Antivirus through 11.0.0.1061 for Windows allows...
High
Unreviewed
CVE-2024-22014
was published
Apr 15, 2024
In aiohttp, compressed files as symlinks are not protected from path traversal
Moderate
CVE-2024-42367
was published
for
aiohttp
(pip)
Aug 9, 2024
OpenVPN Connect installer for macOS version 3.2.6 and older may corrupt system critical files it...
High
Unreviewed
CVE-2020-15075
was published
May 24, 2022
Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x contains an UNIX symbolic link (symlink)...
Moderate
Unreviewed
CVE-2024-25953
was published
Mar 28, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an UNIX symbolic link (symlink)...
Moderate
Unreviewed
CVE-2024-25952
was published
Mar 28, 2024
Insecure UNIX Symbolic Link (Symlink) Following in TeamViewer Remote Client prior Version 15.52...
High
Unreviewed
CVE-2024-1933
was published
Mar 26, 2024
Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server...
Moderate
Unreviewed
CVE-2023-39246
was published
Nov 16, 2023
A symlink following vulnerability was found in Samba, where a user can create a symbolic link...
Moderate
Unreviewed
CVE-2022-3592
was published
Jan 12, 2023
Kubernetes kubectl cp Vulnerable to Symlink Attack
Moderate
CVE-2019-11251
was published
for
k8s.io/kubernetes
(Go)
May 18, 2021
ProTip!
Advisories are also available from the
GraphQL API