Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,811
Erlang
36
GitHub Actions
32
Go
2,396
Maven
5,000+
npm
4,033
NuGet
721
pip
3,824
Pub
12
RubyGems
932
Rust
988
Swift
38
Unreviewed advisories
All unreviewed
5,000+

527 advisories

Loading
In JetBrains YouTrack before 2024.3.55417 permanent tokens could be exposed in logs Moderate Unreviewed
CVE-2025-24457 was published Jan 21, 2025
The Snowflake Connector for Python stores sensitive data in logs Moderate
CVE-2024-49750 was published for snowflake-connector-python (pip) Oct 24, 2024
IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.24, 7.1 through 7.1.2.10, and 7.2 through 7.2.3.13... Moderate Unreviewed
CVE-2024-45091 was published Jan 21, 2025
Under certain log settings the IAM or CORE service will log credentials in the iam logfile in... Moderate Unreviewed
CVE-2024-11923 was published Jan 18, 2025
In affected versions of the Octopus Kubernetes worker or agent, sensitive variables could be... Moderate Unreviewed
CVE-2024-12226 was published Jan 16, 2025
Windows Kernel Memory Information Disclosure Vulnerability Moderate Unreviewed
CVE-2025-21318 was published Jan 14, 2025
Windows Kernel Memory Information Disclosure Vulnerability Moderate Unreviewed
CVE-2025-21316 was published Jan 14, 2025
Windows Kernel Memory Information Disclosure Vulnerability Moderate Unreviewed
CVE-2025-21320 was published Jan 14, 2025
Windows Kernel Memory Information Disclosure Vulnerability Moderate Unreviewed
CVE-2025-21321 was published Jan 14, 2025
Windows Kernel Memory Information Disclosure Vulnerability Moderate Unreviewed
CVE-2025-21319 was published Jan 14, 2025
Windows Kernel Memory Information Disclosure Vulnerability Moderate Unreviewed
CVE-2025-21323 was published Jan 14, 2025
Windows Kernel Memory Information Disclosure Vulnerability Moderate Unreviewed
CVE-2025-21317 was published Jan 14, 2025
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to an... Moderate Unreviewed
CVE-2024-40679 was published Jan 8, 2025
Windows Desired State Configuration (DSC) Information Disclosure Vulnerability. Moderate Unreviewed
CVE-2022-30148 was published Jun 16, 2022
Disclosure of sensitive information in HikVision camera driver's log file in XProtect Device Pack... Moderate Unreviewed
CVE-2024-12569 was published Dec 19, 2024
IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 stores potentially... Moderate Unreviewed
CVE-2024-49816 was published Dec 17, 2024
The issue was resolved by sanitizing logging. This issue is fixed in macOS Sequoia 15.2. An app... Moderate Unreviewed
CVE-2024-54484 was published Dec 12, 2024
Zammad before 6.4.1 places sensitive data (such as auth_microsoft_office365_credentials and... Moderate Unreviewed
CVE-2024-55578 was published Dec 9, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 11.0 prior to 17.4.6... Moderate Unreviewed
CVE-2024-12292 was published Dec 12, 2024
Improper permissions handling in MediaWiki AbuseFilter Moderate
CVE-2024-47913 was published for mediawiki/abuse-filter (Composer) Oct 5, 2024
HCL Launch stores potentially sensitive information in log files that could be read by a local... Moderate Unreviewed
CVE-2024-42196 was published Dec 6, 2024
Quarkus CXF logs passwords and other secrets Moderate
CVE-2024-9621 was published for io.quarkiverse.cxf:quarkus-cxf (Maven) Oct 8, 2024
Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p22, <2... Moderate Unreviewed
CVE-2024-47094 was published Nov 29, 2024
Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p18, <2... Moderate Unreviewed
CVE-2024-38862 was published Oct 14, 2024
OpenStack Glance sensitive information disclosure via logs Moderate
CVE-2014-1948 was published for glance (pip) May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database