Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,726
Maven
5,000+
npm
4,331
NuGet
763
pip
4,107
Pub
12
RubyGems
960
Rust
1,068
Swift
45
Unreviewed advisories
All unreviewed
5,000+

563 advisories

Loading
NVIDIA Cumulus Linux and NVOS products contain a vulnerability, where hashed user passwords are... Moderate Unreviewed
CVE-2025-23261 was published Sep 5, 2025
traQ Allows Insertion of Sensitive Information into Log File Moderate
CVE-2025-57813 was published for github.com/traPtitech/traQ (Go) Aug 26, 2025
ras0q
Credited to ras0q
Dell OpenManage Enterprise, versions 3.10, 4.0, 4.1, and 4.2, contains an Insertion of Sensitive... Moderate Unreviewed
CVE-2025-38745 was published Aug 14, 2025
Insertion of sensitive information into log file for some Intel(R) Local Manageability Service... Moderate Unreviewed
CVE-2025-24520 was published Aug 12, 2025
The SAP NetWeaver Application Server ABAP and ABAP Platform Internet Communication Manager (ICM)... Moderate Unreviewed
CVE-2025-42935 was published Aug 12, 2025
Shared Access Signature token is not masked in the backup configuration response and is also... Moderate Unreviewed
CVE-2025-8864 was published Aug 11, 2025
NVIDIA Omniverse Launcher for Windows and Linux contains a vulnerability in the launcher logs,... Moderate Unreviewed
CVE-2025-23289 was published Jul 31, 2025
A Insertion of Sensitive Information into Log File vulnerability in SUSE Multi Linux Manager... Moderate Unreviewed
CVE-2025-46809 was published Jul 31, 2025
A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia... Moderate Unreviewed
CVE-2025-43225 was published Jul 30, 2025
"SwitchBot" App for iOS/Android contains an insertion of sensitive information into log file... Moderate Unreviewed
CVE-2025-53649 was published Jul 29, 2025
A potential security vulnerability has been identified in the Poly Clariti Manager for versions... Moderate Unreviewed
CVE-2025-43485 was published Jul 23, 2025
Okta On-Premises Provisioning (OPP) agents log certain user data during administrator-initiated... Moderate Unreviewed
CVE-2025-7371 was published Jul 22, 2025
An issue was discovered in Westermo WeOS 5 (5.24 through 5.24.4). A threat actor potentially can... Moderate Unreviewed
CVE-2025-54319 was published Jul 20, 2025
An issue was discovered in AdGuard plugin before 1.11.22 for Safari on MacOS. AdGaurd verbosely... Moderate Unreviewed
CVE-2025-51497 was published Jul 17, 2025
Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0 contains an Insertion of... Moderate Unreviewed
CVE-2025-30483 was published Jul 15, 2025
Directus tokens are not redacted in flow logs, exposing session credentials to all admin Moderate
CVE-2025-53886 was published for directus (npm) Jul 15, 2025
licitdev
Credited to licitdev
Directus is vulnerable to sensitive data exposure as user data is not being redacted when logged Moderate
CVE-2025-53885 was published for directus (npm) Jul 15, 2025
Brocade SANnav before Brocade SANnav 2.4.0a could log database passwords in clear text in audit... Moderate Unreviewed
CVE-2025-6392 was published Jul 11, 2025
Dell PowerFlex Manager VM, versions prior to 4.6.2.1, contains an Insertion of Sensitive... Moderate Unreviewed
CVE-2025-36599 was published Jul 9, 2025
Insertion of sensitive information into a log file in Ivanti Connect Secure before version 22.7R2... Moderate Unreviewed
CVE-2025-5464 was published Jul 8, 2025
Insertion of sensitive information into a log file in Ivanti Connect Secure before version 22.7R2... Moderate Unreviewed
CVE-2025-5463 was published Jul 8, 2025
An issue has been identified in MongoDB Server where unredacted queries may inadvertently appear... Moderate Unreviewed
CVE-2025-6711 was published Jul 7, 2025
A vulnerability was found in Red Hat OpenShift Jenkins. The bearer token is not obfuscated in the... Moderate Unreviewed
CVE-2024-9453 was published Jul 4, 2025
System environment variables are recorded in Docker Desktop diagnostic logs, when using shell... Moderate Unreviewed
CVE-2025-6587 was published Jul 3, 2025
mapstructure May Leak Sensitive Information in Logs When Processing Malformed Data Moderate
GHSA-fv92-fjc5-jj9h was published for github.com/go-viper/mapstructure/v2 (Go) Jun 27, 2025
cipherboy
Credited to cipherboy
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database