GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,811
Erlang
36
GitHub Actions
32
Go
2,396
Maven
5,000+
npm
4,033
NuGet
721
pip
3,824
Pub
12
RubyGems
932
Rust
988
Swift
38
Unreviewed advisories
All unreviewed
5,000+
1,143 advisories
Filter by severity
NVIDIA Container Toolkit for all platforms contains a vulnerability in the update-ldcache hook,...
High
Unreviewed
CVE-2025-23267
was published
Jul 17, 2025
An issue in Cato Networks' CatoClient for Linux, before version 5.5, allows a local attacker to...
High
Unreviewed
CVE-2025-7012
was published
Jul 13, 2025
Improper link resolution before file access ('link following') in Microsoft PC Manager allows an...
High
Unreviewed
CVE-2025-49738
was published
Jul 8, 2025
Improper link resolution before file access ('link following') in Visual Studio allows an...
High
Unreviewed
CVE-2025-49739
was published
Jul 8, 2025
Improper link resolution before file access ('link following') in Windows AppX Deployment Service...
High
Unreviewed
CVE-2025-48820
was published
Jul 8, 2025
Improper link resolution before file access ('link following') in Windows Performance Recorder...
High
Unreviewed
CVE-2025-49680
was published
Jul 8, 2025
Improper link resolution before file access ('link following') in Windows Update Service allows...
High
Unreviewed
CVE-2025-48799
was published
Jul 8, 2025
Improper link resolution before file access ('link following') in Service Fabric allows an...
Moderate
Unreviewed
CVE-2025-21195
was published
Jul 8, 2025
A low privileged remote attacker with file access can replace a critical file or folder used by...
High
Unreviewed
CVE-2025-41668
was published
Jul 8, 2025
A low privileged remote attacker with file access can replace a critical file used by the arp...
High
Unreviewed
CVE-2025-41667
was published
Jul 8, 2025
A low privileged remote attacker with file access can replace a critical file used by the...
High
Unreviewed
CVE-2025-41666
was published
Jul 8, 2025
@modelcontextprotocol/server-filesystem allows for path validation bypass via prefix matching and symlink handling
High
CVE-2025-53109
was published
for
@modelcontextprotocol/server-filesystem
(npm)
Jul 1, 2025
A path or symbolic link manipulation vulnerability in SIR 1.0.3 and prior versions allows an...
High
Unreviewed
CVE-2025-3771
was published
Jun 26, 2025
Improper Link Resolution Before File Access ('Link Following') vulnerability in yrutschle sslh...
Critical
Unreviewed
CVE-2025-52936
was published
Jun 23, 2025
A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local...
Moderate
Unreviewed
CVE-2025-30642
was published
Jun 17, 2025
A link following vulnerability in the anti-malware solution portion of Trend Micro Deep Security...
High
Unreviewed
CVE-2025-30641
was published
Jun 17, 2025
A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local...
High
Unreviewed
CVE-2025-30640
was published
Jun 17, 2025
Improper link resolution before file access ('link following') in Windows Installer allows an...
High
Unreviewed
CVE-2025-33075
was published
Jun 10, 2025
Improper link resolution before file access ('link following') in Windows Recovery Driver allows...
High
Unreviewed
CVE-2025-32721
was published
Jun 10, 2025
2BrightSparks SyncBackFree Link Following Local Privilege Escalation Vulnerability. This...
High
Unreviewed
CVE-2025-5474
was published
Jun 6, 2025
A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop...
High
Unreviewed
CVE-2024-54189
was published
Jun 3, 2025
A privilege escalation vulnerability exists in the virtual machine archive restoration...
High
Unreviewed
CVE-2024-36486
was published
Jun 3, 2025
A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop...
High
Unreviewed
CVE-2024-52561
was published
Jun 3, 2025
Bluetooth HCI Adaptor from Realtek has a Link Following vulnerability. Local attackers with...
High
Unreviewed
CVE-2024-11857
was published
Jun 2, 2025
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS...
Moderate
Unreviewed
CVE-2025-31198
was published
May 30, 2025
ProTip!
Advisories are also available from the
GraphQL API