Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,685
Maven
5,000+
npm
4,318
NuGet
760
pip
4,092
Pub
12
RubyGems
958
Rust
1,063
Swift
45
Unreviewed advisories
All unreviewed
5,000+

497 advisories

Loading
VMware Tools contains an insecure file handling vulnerability. A malicious actor with non... Moderate Unreviewed
CVE-2025-22247 was published May 12, 2025
KubeVirt Isolation Detection Flaw Allows Arbitrary File Permission Changes Moderate
CVE-2025-64437 was published for kubevirt.io/kubevirt (Go) Nov 6, 2025
mihailkirov Faeris95
xpivarc
Credited to mihailkirov, Faeris95, and xpivarc
The Kiwire Captive Portal contains an open redirection issue via the login-url parameter,... Moderate Unreviewed
CVE-2025-11190 was published Oct 10, 2025
Improper link resolution before file access ('link following') in Windows Routing and Remote... Moderate Unreviewed
CVE-2025-59510 was published Nov 11, 2025
Improper link resolution before file access ('link following') for some Intel(R) Server... Moderate Unreviewed
CVE-2025-24918 was published Nov 11, 2025
The ACAP Application framework could allow privilege escalation through a symlink attack. This... Moderate Unreviewed
CVE-2025-5718 was published Nov 11, 2025
Potential Denial of Service issue in all supported versions of Revenera InstallShield version... Moderate Unreviewed
CVE-2025-12418 was published Nov 8, 2025
This issue was addressed with improved validation of symlinks. This issue is fixed in visionOS 26... Moderate Unreviewed
CVE-2025-43448 was published Nov 4, 2025
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS... Moderate Unreviewed
CVE-2023-41968 was published Sep 27, 2023
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS... Moderate Unreviewed
CVE-2025-43288 was published Nov 4, 2025
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma... Moderate Unreviewed
CVE-2025-43394 was published Nov 4, 2025
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS... Moderate Unreviewed
CVE-2024-44178 was published Sep 17, 2024
This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 18 and... Moderate Unreviewed
CVE-2024-44131 was published Sep 17, 2024
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS... Moderate Unreviewed
CVE-2025-43446 was published Nov 4, 2025
This issue was addressed with improved validation of symlinks. This issue is fixed in visionOS 26... Moderate Unreviewed
CVE-2025-43379 was published Nov 4, 2025
This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 18.1 and... Moderate Unreviewed
CVE-2024-44273 was published Oct 28, 2024
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS... Moderate Unreviewed
CVE-2024-44264 was published Oct 28, 2024
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS... Moderate Unreviewed
CVE-2024-44175 was published Oct 28, 2024
This issue was addressed by adding an additional prompt for user consent. This issue is fixed in... Moderate Unreviewed
CVE-2025-43252 was published Jul 30, 2025
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS... Moderate Unreviewed
CVE-2025-24103 was published Jan 28, 2025
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS... Moderate Unreviewed
CVE-2025-24136 was published Jan 28, 2025
This issue was addressed with improved handling of symlinks. This issue is fixed in iPadOS 17.7.4... Moderate Unreviewed
CVE-2025-24104 was published Jan 28, 2025
pip's fallback tar extraction doesn't check symbolic links point to extraction directory Moderate
CVE-2025-8869 was published for pip (pip) Sep 24, 2025
cai0duque bentasker
swils23 ichard26
Credited to cai0duque, bentasker, swils23, and ichard26
An elevation of privilege vulnerability exists in the way the Update Notification Manager handles... Moderate Unreviewed
CVE-2020-0638 was published May 24, 2022
Improper handling of symbolic links in the TeamViewer Full Client and Host for Windows — in... Moderate Unreviewed
CVE-2025-41421 was published Oct 1, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database