Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

15 advisories

Loading
UNIX Symbolic Link (Symlink) Following in @npmcli/arborist High
CVE-2021-39135 was published for @npmcli/arborist (npm) Aug 31, 2021
JarLob KateCatlin
@npmcli/arborist vulnerable to UNIX Symbolic Link (Symlink) Following High
CVE-2021-39134 was published for @npmcli/arborist (npm) Aug 31, 2021
ginkoid chen-robert
A UNIX Symbolic Link (Symlink) Following vulnerability in the systemd service file for watchman... High Unreviewed
CVE-2022-21944 was published Jan 27, 2022
a UNIX Symbolic Link (Symlink) Following vulnerability in python-postorius of openSUSE Leap 15.2,... High Unreviewed
CVE-2021-31997 was published May 24, 2022
A UNIX Symbolic Link (Symlink) Following vulnerability in the clone-master-clean-up.sh script of... High Unreviewed
CVE-2021-32000 was published May 24, 2022
A vulnerability in share_link in QSAN Storage Manager allows remote attackers to create a... High Unreviewed
CVE-2021-32518 was published May 24, 2022
A UNIX Symbolic Link (Symlink) Following vulnerability in python-HyperKitty of openSUSE Leap 15.2... High Unreviewed
CVE-2021-25322 was published May 24, 2022
A UNIX Symbolic Link (Symlink) Following vulnerability in arpwatch of SUSE Linux Enterprise... High Unreviewed
CVE-2021-25321 was published May 24, 2022
Arbitrary File Write in npm High
CVE-2019-16775 was published for npm (npm) Dec 13, 2019
DanielRuf
Pterodactyl Wings contains UNIX Symbolic Link (Symlink) Following High
CVE-2023-25152 was published for github.com/pterodactyl/wings (Go) Feb 8, 2023
astro-angelfish
Insecure UNIX Symbolic Link (Symlink) Following in TeamViewer Remote Client prior Version 15.52... High Unreviewed
CVE-2024-1933 was published Mar 26, 2024
OpenVPN Connect installer for macOS version 3.2.6 and older may corrupt system critical files it... High Unreviewed
CVE-2020-15075 was published May 24, 2022
An issue discovered in 360 Total Security Antivirus through 11.0.0.1061 for Windows allows... High Unreviewed
CVE-2024-22014 was published Apr 15, 2024
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma... High Unreviewed
CVE-2024-23285 was published Mar 8, 2024
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia... High Unreviewed
CVE-2024-44132 was published Sep 17, 2024
ProTip! Advisories are also available from the GraphQL API