Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,856
Erlang
36
GitHub Actions
36
Go
2,488
Maven
5,000+
npm
4,104
NuGet
735
pip
3,923
Pub
12
RubyGems
945
Rust
1,017
Swift
39
Unreviewed advisories
All unreviewed
5,000+

55 advisories

Loading
podman kube play symlink traversal vulnerability High
CVE-2025-9566 was published for github.com/containers/podman/v4 (Go) Sep 4, 2025
Luap99
n8n symlink traversal vulnerability in "Read/Write File" node allows access to restricted files Moderate
CVE-2025-57749 was published for n8n (npm) Aug 20, 2025
Mahmoud0x00
Youki: If /proc and /sys in the rootfs are symbolic links, they can potentially be exploited to gain access to the host root filesystem. High
CVE-2025-54867 was published for youki (Rust) Aug 14, 2025
saku3 utam0k
Using Codex CLI in workspace-write mode inside a malicious context (repo, directory, etc) could... High Unreviewed
CVE-2025-55345 was published Aug 13, 2025
Improper handling of symbolic links in Ivanti Connect Secure before version 22.7R2.8 or 22.8R2,... Moderate Unreviewed
CVE-2025-5468 was published Aug 12, 2025
Dell Encryption Admin Utilities versions prior to 11.10.2 contain an Improper Link Resolution... High Unreviewed
CVE-2025-36564 was published Jun 3, 2025
A UNIX Symbolic Link (Symlink) Following vulnerability in openSUSE Tumbleweed cyrus-imapd allows... Critical Unreviewed
CVE-2025-23394 was published May 26, 2025
Client RCE on macOS and Linux via improper symbolic link resolution in Google Web Designer's... High Unreviewed
CVE-2025-1079 was published May 12, 2025
UNIX symbolic link (Symlink) following issue exists in FutureNet NXR series, VXR series and WXR... Moderate Unreviewed
CVE-2025-30485 was published Apr 3, 2025
zip Incorrectly Canonicalizes Paths during Archive Extraction Leading to Arbitrary File Write High
CVE-2025-29787 was published for zip (Rust) Mar 17, 2025
eternal-flame-AD Pr0methean
Arbitrary file overwrite during home directory recovery due to improper symbolic link handling.... Moderate Unreviewed
CVE-2025-24832 was published Feb 28, 2025
Symlink following in the installer for some Zoom apps for macOS before version 6.1.5 may allow an... Moderate Unreviewed
CVE-2024-45418 was published Feb 25, 2025
Dell SupportAssist OS Recovery versions prior to 5.5.13.1 contain a symbolic link attack... High Unreviewed
CVE-2025-22480 was published Feb 13, 2025
Insecure Temporary File usage in github.com/golang/glog Moderate
CVE-2024-45339 was published for github.com/golang/glog (Go) Jan 28, 2025
Dell SupportAssist for Home PCs versions 4.6.1 and prior and Dell SupportAssist for Business PCs... High Unreviewed
CVE-2024-52535 was published Dec 25, 2024
A vulnerability was found in Pagure. Support of symbolic links during repository archiving of... High Unreviewed
CVE-2024-47515 was published Dec 24, 2024
Dell Inventory Collector Client, versions prior to 12.7.0, contains an Improper Link Resolution... High Unreviewed
CVE-2024-47480 was published Dec 18, 2024
Dell AppSync, version 4.6.0.x, contain a Symbolic Link (Symlink) Following vulnerability. A low... Moderate Unreviewed
CVE-2024-52542 was published Dec 17, 2024
Dell Client Platform Firmware Update Utility contains an Improper Link Resolution vulnerability.... Moderate Unreviewed
CVE-2024-52537 was published Dec 11, 2024
readline.sh in socat through 1.8.0.1 relies on the /tmp/$USER/stderr2 file. Critical Unreviewed
CVE-2024-54661 was published Dec 4, 2024
Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated... Moderate Unreviewed
CVE-2023-20092 was published Nov 15, 2024
A vulnerability in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated,... Moderate Unreviewed
CVE-2023-20091 was published Nov 15, 2024
Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated... Moderate Unreviewed
CVE-2023-20093 was published Nov 15, 2024
Sensitive information disclosure during file browsing due to improper soft link handling. The... Low Unreviewed
CVE-2024-34015 was published Nov 11, 2024
Arbitrary file overwrite during recovery due to improper soft link handling. The following... Moderate Unreviewed
CVE-2024-34014 was published Nov 11, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database