Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,112
Maven
5,000+
npm
3,767
NuGet
680
pip
3,453
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

41 advisories

Loading
Arbitrary file overwrite during recovery due to improper soft link handling. The following... Moderate Unreviewed
CVE-2024-34014 was published Nov 11, 2024
Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated... Moderate Unreviewed
CVE-2023-20092 was published Nov 15, 2024
A vulnerability in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated,... Moderate Unreviewed
CVE-2023-20091 was published Nov 15, 2024
Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated... Moderate Unreviewed
CVE-2023-20093 was published Nov 15, 2024
runc can be confused to create empty files/directories on the host Moderate
CVE-2024-45310 was published for github.com/opencontainers/runc (Go) Sep 3, 2024
rata alban
cyphar sdowell
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma... High Unreviewed
CVE-2024-23285 was published Mar 8, 2024
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia... High Unreviewed
CVE-2024-44132 was published Sep 17, 2024
A vulnerability was found in Pagure. Support of symbolic links during repository archiving of... High Unreviewed
CVE-2024-47515 was published Dec 24, 2024
readline.sh in socat through 1.8.0.1 relies on the /tmp/$USER/stderr2 file. Critical Unreviewed
CVE-2024-54661 was published Dec 4, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an UNIX symbolic link (symlink)... Moderate Unreviewed
CVE-2024-25952 was published Mar 28, 2024
Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x contains an UNIX symbolic link (symlink)... Moderate Unreviewed
CVE-2024-25953 was published Mar 28, 2024
Insecure Temporary File usage in github.com/golang/glog Moderate
CVE-2024-45339 was published for github.com/golang/glog (Go) Jan 28, 2025
Dell SupportAssist for Home PCs versions 4.6.1 and prior and Dell SupportAssist for Business PCs... High Unreviewed
CVE-2024-52535 was published Dec 25, 2024
Dell Inventory Collector Client, versions prior to 12.7.0, contains an Improper Link Resolution... High Unreviewed
CVE-2024-47480 was published Dec 18, 2024
Dell Client Platform Firmware Update Utility contains an Improper Link Resolution vulnerability.... Moderate Unreviewed
CVE-2024-52537 was published Dec 11, 2024
Dell AppSync, version 4.6.0.x, contain a Symbolic Link (Symlink) Following vulnerability. A low... Moderate Unreviewed
CVE-2024-52542 was published Dec 17, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database