Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,811
Erlang
36
GitHub Actions
32
Go
2,396
Maven
5,000+
npm
4,033
NuGet
721
pip
3,824
Pub
12
RubyGems
932
Rust
988
Swift
38
Unreviewed advisories
All unreviewed
5,000+

527 advisories

Loading
Insertion of Sensitive Information into Log File vulnerability in WPKube Subscribe To Comments... Moderate Unreviewed
CVE-2024-31249 was published Apr 10, 2024
Insertion of sensitive information into log file in Azure Local Cluster allows an authorized... Moderate Unreviewed
CVE-2025-25002 was published Apr 8, 2025
Insertion of Sensitive Information into Log File vulnerability in Joel Hardi User Spam Remover... Moderate Unreviewed
CVE-2024-31298 was published Apr 10, 2024
An issue has been discovered in GitLab affecting all versions starting from 9.3 before 15.4.6,... Moderate Unreviewed
CVE-2022-3902 was published Jan 26, 2023
Insertion of Sensitive Information into Log File vulnerability in smackcoders AIO Performance... Moderate Unreviewed
CVE-2025-31788 was published Apr 1, 2025
IBM InfoSphere Information Server 11.7 could disclose sensitive user credentials from log files... Moderate Unreviewed
CVE-2024-7577 was published Mar 29, 2025
Jenkins MQ Notifier Plugin exposes sensitive information in build logs Moderate
CVE-2024-28154 was published for com.sonymobile.jenkins.plugins.mq:mq-notifier (Maven) Mar 6, 2024
IBM UrbanCode Deploy (UCD) through 7.1.2.21, 7.2 through 7.2.3.14, and 7.3 through 7.3.2.0 / IBM... Moderate Unreviewed
CVE-2025-1998 was published Mar 27, 2025
In JetBrains TeamCity before 2025.03 base64 encoded password could be exposed in build log Moderate Unreviewed
CVE-2025-31139 was published Mar 27, 2025
HCL DevOps Deploy / HCL Launch stores potentially sensitive authentication token information in... Moderate Unreviewed
CVE-2025-0273 was published Mar 27, 2025
The issue was resolved by sanitizing logging. This issue is fixed in macOS Sonoma 14.7.2, macOS... Moderate Unreviewed
CVE-2024-54519 was published Jan 28, 2025
buildx allows a possible credential leakage to telemetry endpoint Moderate
CVE-2025-0495 was published for github.com/docker/buildx (Go) Mar 17, 2025
jstawinski
Vulnerability of improper log information control in the UI framework module Impact: Successful... Moderate Unreviewed
CVE-2024-57957 was published Feb 6, 2025
Nomad is vulnerable to unintentional exposure of the workload identity token and client secret token in audit logs Moderate
CVE-2025-1296 was published for github.com/hashicorp/nomad (Go) Mar 10, 2025
An insertion of sensitive information into log file vulnerabilities [CWE-532] in FortiManager... Moderate Unreviewed
CVE-2024-40585 was published Mar 14, 2025
Insecure permissions for log files of AVSystem Unified Management Platform (UMP) 23.07.0.16567... Moderate Unreviewed
CVE-2024-25654 was published Mar 18, 2024
Retool (self-hosted enterprise) through 3.40.0 inserts resource authentication credentials into... Moderate Unreviewed
CVE-2024-42056 was published Aug 22, 2024
CWE-532: Insertion of Sensitive Information into Log Files vulnerability exists that could cause... Moderate Unreviewed
CVE-2025-2002 was published Mar 12, 2025
Infinispan vulnerable to Insertion of Sensitive Information into Log File Moderate
CVE-2025-0736 was published for org.infinispan:infinispan-parent (Maven) Jan 28, 2025
Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker... Moderate Unreviewed
CVE-2025-24984 was published Mar 11, 2025
SAP Web Dispatcher and Internet Communication Manager allow an attacker with administrative... Moderate Unreviewed
CVE-2025-0071 was published Mar 11, 2025
A vulnerability exists in Docker Desktop prior to version 4.39.0 that could lead to the... Moderate Unreviewed
CVE-2025-1696 was published Mar 6, 2025
Kubernetes client-go library logs may disclose credentials to unauthorized users Moderate
CVE-2019-11250 was published for k8s.io/client-go (Go) May 24, 2022
A highly privileged account can overwrite arbitrary files on the system with log output. The log... Moderate Unreviewed
CVE-2024-28072 was published May 3, 2024
The Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User... Moderate Unreviewed
CVE-2024-13818 was published Feb 21, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database