Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,717
Maven
5,000+
npm
4,328
NuGet
761
pip
4,105
Pub
12
RubyGems
958
Rust
1,065
Swift
45
Unreviewed advisories
All unreviewed
5,000+

203 advisories

Loading
ReQuest Serious Play F3 Media Server versions 7.0.3.4968 (Pro), 7.0.2.4954, 6.5.2.4954, 6.4.2... High Unreviewed
CVE-2020-36876 was published Dec 5, 2025
Coder logs sensitive objects unsanitized High
CVE-2025-66411 was published for github.com/coder/coder/v2 (Go) Dec 3, 2025
Insertion of Sensitive Information into Log File vulnerability in upKeeper Solutions upKeeper... High Unreviewed
CVE-2025-8663 was published Nov 26, 2025
Insertion of Sensitive Information into Log File vulnerability in upKeeper Solutions upKeeper... High Unreviewed
CVE-2025-11446 was published Nov 19, 2025
Sensitive data exposure via logging in basic-auth leads to plaintext usernames and passwords... High Unreviewed
CVE-2025-62232 was published Oct 31, 2025
The Quickcreator – AI Blog Writer plugin for WordPress is vulnerable to Sensitive Information... High Unreviewed
CVE-2025-11504 was published Oct 24, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 1.0.735 and... High Unreviewed
CVE-2025-34188 was published Sep 19, 2025
Dell PowerProtect Data Manager, Hyper-V, version(s) 19.19 and 19.20, contain(s) an Insertion of... High Unreviewed
CVE-2025-43888 was published Sep 10, 2025
Contrast leaks workload secrets to logs on INFO level High
GHSA-vxg3-w9rv-rhr2 was published for github.com/edgelesssys/contrast (Go) Aug 28, 2025
katexochen
Credited to katexochen
Dell XtremIO, version(s) 6.4.0-22, contain(s) an Insertion of Sensitive Information into Log File... High Unreviewed
CVE-2025-30105 was published Jul 30, 2025
TechAdvisor versions 2.6 through 3.37-30 for Dell XtremIO X2, contain(s) an Insertion of... High Unreviewed
CVE-2025-26332 was published Jul 30, 2025
RageAgainstThePixel/setup-steamcmd leaked authentication token in job output logs High
GHSA-c5qx-p38x-qf5w was published for RageAgainstThePixel/setup-steamcmd (GitHub Actions) Jul 21, 2025
BrknRobot
Credited to BrknRobot
buildalon/setup-steamcmd leaked authentication token in job output logs High
GHSA-mj96-mh85-r574 was published for buildalon/setup-steamcmd (GitHub Actions) Jul 21, 2025
BrknRobot
Credited to BrknRobot
Brocade ASCG before 3.3.0 logs JSON Web Tokens (JWT) in log files. An attacker with access to... High Unreviewed
CVE-2025-6391 was published Jul 18, 2025
sentry-android unmasked sensitive data in Android Session Replays for users of Jetpack Compose 1.8+ High
GHSA-7cjh-xx4r-qh3f was published for io.sentry:sentry-android (Maven) Jun 20, 2025
Dell Smart Dock Firmware, versions prior to 01.00.08.01, contain an Insertion of Sensitive... High Unreviewed
CVE-2025-36573 was published Jun 12, 2025
Contrast workload secrets leak to logs on INFO level High
GHSA-h5f8-crrq-4pw8 was published for github.com/edgelesssys/contrast (Go) May 28, 2025
burgerdev katexochen
thomasten
Credited to burgerdev, katexochen, and thomasten
A logging issue was addressed with improved data redaction. This issue is fixed in iPadOS 17.7.7,... High Unreviewed
CVE-2025-31213 was published May 13, 2025
Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p29, <2... High Unreviewed
CVE-2025-2092 was published Apr 22, 2025
canonical/get-workflow-version-action can leak a partial GITHUB_TOKEN in exception output High
CVE-2025-31479 was published for canonical/get-workflow-version-action (GitHub Actions) Apr 2, 2025
dannystaple
Credited to dannystaple
In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and versions below 3.8.38 and... High Unreviewed
CVE-2025-20231 was published Mar 27, 2025
Under certain error conditions at time of SANnav installation or upgrade, the encryption key can... High Unreviewed
CVE-2025-1053 was published Feb 14, 2025
Insertion of Sensitive Information into Log File vulnerability in DualCube MooWoodle allows... High Unreviewed
CVE-2025-24556 was published Feb 3, 2025
Dell Networking Switches running Enterprise SONiC OS, version(s) prior to 4.4.1 and 4.2.3,... High Unreviewed
CVE-2025-23374 was published Jan 30, 2025
A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia... High Unreviewed
CVE-2025-24169 was published Jan 28, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database