Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,873
Erlang
37
GitHub Actions
36
Go
2,519
Maven
5,000+
npm
4,156
NuGet
736
pip
3,956
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

489 advisories

Loading
Improper link resolution before file access ('Link Following') for some Intel(R) Graphics Driver... High Unreviewed
CVE-2025-20003 was published May 13, 2025
Improper link resolution before file access ('link following') in Microsoft PC Manager allows an... High Unreviewed
CVE-2025-29975 was published May 13, 2025
An arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows... High Unreviewed
CVE-2024-8404 was published Sep 26, 2024
A vulnerability in the update process of Docker Desktop for Windows versions prior to 4.41.0... High Unreviewed
CVE-2025-3224 was published Apr 28, 2025
Link Following Local Privilege Escalation Vulnerability in TuneupSvc in Gen Digital Inc. Avast... High Unreviewed
CVE-2024-13962 was published May 9, 2025
Link Following Local Privilege Escalation Vulnerability in System Speedup Service in Avira... High Unreviewed
CVE-2024-9524 was published May 9, 2025
Link Following Local Privilege Escalation Vulnerability in TuneupSvc in Avast Cleanup Premium... High Unreviewed
CVE-2024-13961 was published May 9, 2025
Link Following Local Privilege Escalation Vulnerability in TuneUp Service in AVG TuneUp Version... High Unreviewed
CVE-2024-13960 was published May 9, 2025
Link Following Local Privilege Escalation Vulnerability in TuneupSvc.exe in AVG TuneUp 24.2.16593... High Unreviewed
CVE-2024-13959 was published May 9, 2025
Local Privilege Escalation in Avira.Spotlight.Service.exe in Avira Prime 1.1.96.2 on Windows 10... High Unreviewed
CVE-2024-13759 was published May 9, 2025
The setpermissions function in the auto-updater in Arq before 5.9.7 for Mac allows local users to... High Unreviewed
CVE-2017-15357 was published May 13, 2022
It was found that versions of rpm before 4.13.0.2 use temporary files with predictable names when... High Unreviewed
CVE-2017-7501 was published May 13, 2022
PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, 9.3.x... High Unreviewed
CVE-2017-12172 was published May 13, 2022
Unspecified tests in Lynis before 2.5.0 allow local users to write to arbitrary files or possibly... High Unreviewed
CVE-2017-8108 was published May 13, 2022
AMD fglrx-driver before 15.9 allows local users to gain privileges via a symlink attack. NOTE:... High Unreviewed
CVE-2015-7724 was published May 14, 2022
Automatic Bug Reporting Tool (ABRT) allows local users to read, change the ownership of, or have... High Unreviewed
CVE-2015-3315 was published May 14, 2022
AMD fglrx-driver before 15.7 allows local users to gain privileges via a symlink attack. High Unreviewed
CVE-2015-7723 was published May 14, 2022
The postinst script in the tomcat6 package before 6.0.45+dfsg-1~deb7u4 on Debian wheezy, before 6... High Unreviewed
CVE-2016-9774 was published May 14, 2022
mail.local in NetBSD versions 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows local users to... High Unreviewed
CVE-2016-6253 was published May 17, 2022
A Improper Link Resolution vulnerability (CWE-59) in the SonicWall Connect Tunnel Windows (32 and... High Unreviewed
CVE-2025-32817 was published Apr 16, 2025
A link following vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and... High Unreviewed
CVE-2022-45798 was published Dec 24, 2022
When resolving a symlink such as <code>file:///proc/self/fd/1</code>, an error message may be... High Unreviewed
CVE-2022-45412 was published Dec 22, 2022
base/logging.c in Nagios Core before 4.2.4 allows local users with access to an account in the... High Unreviewed
CVE-2016-9566 was published May 14, 2022
mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14;... High Unreviewed
CVE-2016-6664 was published May 13, 2022
The nginx package before 1.6.2-5+deb8u3 on Debian jessie, the nginx packages before 1.4.6... High Unreviewed
CVE-2016-1247 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database