GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,811
Erlang
36
GitHub Actions
32
Go
2,396
Maven
5,000+
npm
4,033
NuGet
721
pip
3,824
Pub
12
RubyGems
932
Rust
988
Swift
38
Unreviewed advisories
All unreviewed
5,000+
527 advisories
Filter by severity
An issue was discovered in AdGuard plugin before 1.11.22 for Safari on MacOS. AdGaurd verbosely...
Moderate
Unreviewed
CVE-2025-51497
was published
Jul 17, 2025
A vulnerability in the audit log of Cisco DNA Center could allow an authenticated, local attacker...
Moderate
Unreviewed
CVE-2022-20630
was published
Feb 11, 2022
A potential security
vulnerability has been identified in the Poly Clariti Manager for versions...
Moderate
Unreviewed
CVE-2025-43485
was published
Jul 23, 2025
Okta On-Premises Provisioning (OPP) agents log certain user data during administrator-initiated...
Moderate
Unreviewed
CVE-2025-7371
was published
Jul 22, 2025
An issue was discovered in Westermo WeOS 5 (5.24 through 5.24.4). A threat actor potentially can...
Moderate
Unreviewed
CVE-2025-54319
was published
Jul 20, 2025
Apache Pulsar Kafka Connector Logs Sensitive Information in Application Logs
Moderate
CVE-2025-30677
was published
for
org.apache.pulsar:pulsar-io-kafka
(Maven)
Apr 9, 2025
Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0 contains an Insertion of...
Moderate
Unreviewed
CVE-2025-30483
was published
Jul 15, 2025
Directus tokens are not redacted in flow logs, exposing session credentials to all admin
Moderate
CVE-2025-53886
was published
for
directus
(npm)
Jul 15, 2025
Directus is vulnerable to sensitive data exposure as user data is not being redacted when logged
Moderate
CVE-2025-53885
was published
for
directus
(npm)
Jul 15, 2025
Apache ActiveMQ Artemis Vulnerable to Insertion of Sensitive Information into Log File
Moderate
CVE-2025-27391
was published
for
org.apache.activemq:artemis-project
(Maven)
Apr 9, 2025
Apache IoTDB JDBC Driver Discloses Sensitive Information via Log Files
Moderate
CVE-2025-26795
was published
for
org.apache.iotdb:iotdb-jdbc
(Maven)
May 14, 2025
Brocade SANnav before Brocade SANnav 2.4.0a could log database passwords in clear text in audit...
Moderate
Unreviewed
CVE-2025-6392
was published
Jul 11, 2025
Dell PowerFlex Manager VM, versions prior to 4.6.2.1, contains an Insertion of Sensitive...
Moderate
Unreviewed
CVE-2025-36599
was published
Jul 9, 2025
Insertion of sensitive information into a log file in Ivanti Connect Secure before version 22.7R2...
Moderate
Unreviewed
CVE-2025-5464
was published
Jul 8, 2025
Insertion of sensitive information into a log file in Ivanti Connect Secure before version 22.7R2...
Moderate
Unreviewed
CVE-2025-5463
was published
Jul 8, 2025
An issue has been identified in MongoDB Server where unredacted queries may inadvertently appear...
Moderate
Unreviewed
CVE-2025-6711
was published
Jul 7, 2025
A vulnerability was found in Red Hat OpenShift Jenkins. The bearer token is not obfuscated in the...
Moderate
Unreviewed
CVE-2024-9453
was published
Jul 4, 2025
System environment variables are recorded in Docker Desktop diagnostic logs, when using shell...
Moderate
Unreviewed
CVE-2025-6587
was published
Jul 3, 2025
OpenBao Inserts Sensitive Information into Log File when processing malformed data
Moderate
CVE-2025-52893
was published
for
github.com/openbao/openbao/sdk/v2/framework
(Go)
Jun 26, 2025
mapstructure May Leak Sensitive Information in Logs When Processing Malformed Data
Moderate
GHSA-fv92-fjc5-jj9h
was published
for
github.com/go-viper/mapstructure/v2
(Go)
Jun 27, 2025
A privacy issue was addressed with improved private data redaction for log entries. This issue is...
Moderate
Unreviewed
CVE-2023-42937
was published
Jan 23, 2024
An issue was discovered in GitLab EE affecting all versions starting from 17.0 prior to 17.0.6,...
Moderate
Unreviewed
CVE-2024-7586
was published
Jun 20, 2025
IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 stores potentially sensitive information in...
Moderate
Unreviewed
CVE-2025-36050
was published
Jun 19, 2025
Insertion of Sensitive Information into Log File in OWASP DependencyCheck
Moderate
CVE-2024-23686
was published
for
org.owasp:dependency-check-ant
(Maven)
Jan 20, 2024
A flaw exists in FlashArray whereby the Key Encryption Key (KEK) is logged during key rotation...
Moderate
Unreviewed
CVE-2025-2327
was published
Jun 16, 2025
ProTip!
Advisories are also available from the
GraphQL API