GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
406 advisories
Filter by severity
gitingest before 9996a06 mishandles symbolic links that point outside of the base directory.
Moderate
Unreviewed
CVE-2024-56074
was published
Dec 15, 2024
A link following vulnerability has been reported to affect Qsync Central. If exploited, the...
Moderate
Unreviewed
CVE-2024-50404
was published
Dec 6, 2024
Various problems in obs-scm-bridge allows attackers that create specially crafted git...
Moderate
Unreviewed
CVE-2024-22038
was published
Nov 28, 2024
AVG AntiVirus Free Link Following Denial-of-Service Vulnerability. This vulnerability allows...
Moderate
Unreviewed
CVE-2024-7235
was published
Nov 23, 2024
AVG AntiVirus Free icarus Arbitrary File Creation Denial of Service Vulnerability. This...
Moderate
Unreviewed
CVE-2024-7236
was published
Nov 23, 2024
Avast Free Antivirus Link Following Denial-of-Service Vulnerability. This vulnerability allows...
Moderate
Unreviewed
CVE-2024-7228
was published
Nov 23, 2024
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could...
Moderate
Unreviewed
CVE-2021-1491
was published
Nov 15, 2024
Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated...
Moderate
Unreviewed
CVE-2023-20004
was published
Nov 15, 2024
Windows Cleanup Manager Elevation of Privilege Vulnerability.
Moderate
Unreviewed
CVE-2022-21838
was published
Jan 12, 2022
A vulnerability was found in Performance Co-Pilot (PCP). This flaw can only be exploited if an...
Moderate
Unreviewed
CVE-2024-45770
was published
Sep 19, 2024
A vulnerability was found in GNU Nano that allows a possible privilege escalation through an...
Moderate
Unreviewed
CVE-2024-5742
was published
Jun 12, 2024
The Improper link resolution before file access ('Link Following') vulnerability in SonicWall...
Moderate
Unreviewed
CVE-2024-45315
was published
Oct 11, 2024
This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 18.1 and...
Moderate
Unreviewed
CVE-2024-44273
was published
Oct 28, 2024
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS...
Moderate
Unreviewed
CVE-2024-44264
was published
Oct 28, 2024
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS...
Moderate
Unreviewed
CVE-2024-44175
was published
Oct 28, 2024
An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function...
Moderate
Unreviewed
CVE-2018-14335
was published
May 13, 2022
Visual Studio Collector Service Denial of Service Vulnerability
Moderate
Unreviewed
CVE-2024-43603
was published
Oct 8, 2024
A link following vulnerability in the Trend Micro Apex One and Apex One as a Service Damage...
Moderate
Unreviewed
CVE-2024-36306
was published
Jun 11, 2024
An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows...
Moderate
Unreviewed
CVE-2024-4712
was published
May 14, 2024
This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 18 and...
Moderate
Unreviewed
CVE-2024-44131
was published
Sep 17, 2024
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS...
Moderate
Unreviewed
CVE-2024-44178
was published
Sep 17, 2024
An issue was discovered in Samsung Magician 8.0.0 on macOS. Because symlinks are used during the...
Moderate
Unreviewed
CVE-2024-31952
was published
May 14, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.1 contains a UNIX symbolic link (symlink)...
Moderate
Unreviewed
CVE-2024-39578
was published
Aug 31, 2024
Dell Dock Firmware and Dell Client Platform contain an Improper Link Resolution vulnerability...
Moderate
Unreviewed
CVE-2023-43078
was published
Aug 28, 2024
Microsoft Windows Server Backup Elevation of Privilege Vulnerability
Moderate
Unreviewed
CVE-2024-38013
was published
Jul 9, 2024
ProTip!
Advisories are also available from the
GraphQL API