Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

961 advisories

Loading
An elevation of privilege vulnerability exists in the way the Update Notification Manager handles... Moderate Unreviewed
CVE-2020-0638 was published May 24, 2022
An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly... High Unreviewed
CVE-2019-1253 was published May 24, 2022
An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process... High Unreviewed
CVE-2020-0683 was published May 24, 2022
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC)... High Unreviewed
CVE-2019-0841 was published May 13, 2022
Parallels Desktop Technical Data Reporter Link Following Local Privilege Escalation Vulnerability... High Unreviewed
CVE-2025-0413 was published Feb 5, 2025
Dell AppSync, version 4.6.0.x, contain a Symbolic Link (Symlink) Following vulnerability. A low... Moderate Unreviewed
CVE-2024-52542 was published Dec 17, 2024
Dell Client Platform Firmware Update Utility contains an Improper Link Resolution vulnerability.... Moderate Unreviewed
CVE-2024-52537 was published Dec 11, 2024
Dell Inventory Collector Client, versions prior to 12.7.0, contains an Improper Link Resolution... High Unreviewed
CVE-2024-47480 was published Dec 18, 2024
SimpleHelp remote support software v5.5.7 and before allows admin users to upload arbitrary files... High Unreviewed
CVE-2024-57728 was published Jan 16, 2025
Docker Desktop for Windows before 4.6 allows attackers to overwrite any file through the... Moderate Unreviewed
CVE-2022-38730 was published Apr 27, 2023
Symlink following in the installer for Zoom Workplace App for macOS before 6.2.10 may allow an... Low Unreviewed
CVE-2025-0146 was published Jan 30, 2025
This issue was addressed with improved handling of symlinks. This issue is fixed in iPadOS 17.7.4... Moderate Unreviewed
CVE-2025-24104 was published Jan 28, 2025
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS... Moderate Unreviewed
CVE-2025-24136 was published Jan 28, 2025
Dell SupportAssist for Home PCs versions 4.6.1 and prior and Dell SupportAssist for Business PCs... High Unreviewed
CVE-2024-52535 was published Dec 25, 2024
The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to... High Unreviewed
CVE-2015-1130 was published May 17, 2022
An arbitrary file deletion vulnerability exists in PaperCut NG/MF that only affects Windows... Moderate Unreviewed
CVE-2024-3037 was published May 14, 2024
** DISPUTED ** init in initramfs-tools 0.92f allows local users to overwrite arbitrary files via... Moderate Unreviewed
CVE-2008-4996 was published May 17, 2022
Windows Event Tracing Denial of Service Vulnerability Moderate Unreviewed
CVE-2025-21274 was published Jan 14, 2025
Windows Installer Elevation of Privilege Vulnerability High Unreviewed
CVE-2025-21331 was published Jan 14, 2025
Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x contains an UNIX symbolic link (symlink)... Moderate Unreviewed
CVE-2024-25953 was published Mar 28, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an UNIX symbolic link (symlink)... Moderate Unreviewed
CVE-2024-25952 was published Mar 28, 2024
Microsoft Office Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-49059 was published Dec 12, 2024
RenderDoc through 1.26 allows local privilege escalation via a symlink attack. High Unreviewed
CVE-2023-33865 was published Jun 7, 2023
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS... High Unreviewed
CVE-2024-44211 was published Dec 20, 2024
A LogServer arbitrary file creation vulnerability in Trend Micro Apex One could allow a local... High Unreviewed
CVE-2024-52050 was published Dec 31, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database