Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,813
Erlang
36
GitHub Actions
32
Go
2,396
Maven
5,000+
npm
4,037
NuGet
721
pip
3,827
Pub
12
RubyGems
932
Rust
1,001
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

412 advisories

Loading
A potential security vulnerability has been identified in the Poly Clariti Manager for versions... Moderate Unreviewed
CVE-2025-43485 was published Jul 23, 2025
Okta On-Premises Provisioning (OPP) agents log certain user data during administrator-initiated... Moderate Unreviewed
CVE-2025-7371 was published Jul 22, 2025
An issue was discovered in Westermo WeOS 5 (5.24 through 5.24.4). A threat actor potentially can... Moderate Unreviewed
CVE-2025-54319 was published Jul 20, 2025
An issue was discovered in AdGuard plugin before 1.11.22 for Safari on MacOS. AdGaurd verbosely... Moderate Unreviewed
CVE-2025-51497 was published Jul 17, 2025
Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0 contains an Insertion of... Moderate Unreviewed
CVE-2025-30483 was published Jul 15, 2025
Brocade SANnav before Brocade SANnav 2.4.0a could log database passwords in clear text in audit... Moderate Unreviewed
CVE-2025-6392 was published Jul 11, 2025
Dell PowerFlex Manager VM, versions prior to 4.6.2.1, contains an Insertion of Sensitive... Moderate Unreviewed
CVE-2025-36599 was published Jul 9, 2025
Insertion of sensitive information into a log file in Ivanti Connect Secure before version 22.7R2... Moderate Unreviewed
CVE-2025-5464 was published Jul 8, 2025
Insertion of sensitive information into a log file in Ivanti Connect Secure before version 22.7R2... Moderate Unreviewed
CVE-2025-5463 was published Jul 8, 2025
An issue has been identified in MongoDB Server where unredacted queries may inadvertently appear... Moderate Unreviewed
CVE-2025-6711 was published Jul 7, 2025
A vulnerability was found in Red Hat OpenShift Jenkins. The bearer token is not obfuscated in the... Moderate Unreviewed
CVE-2024-9453 was published Jul 4, 2025
System environment variables are recorded in Docker Desktop diagnostic logs, when using shell... Moderate Unreviewed
CVE-2025-6587 was published Jul 3, 2025
An issue was discovered in GitLab EE affecting all versions starting from 17.0 prior to 17.0.6,... Moderate Unreviewed
CVE-2024-7586 was published Jun 20, 2025
IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 stores potentially sensitive information in... Moderate Unreviewed
CVE-2025-36050 was published Jun 19, 2025
A flaw exists in FlashArray whereby the Key Encryption Key (KEK) is logged during key rotation... Moderate Unreviewed
CVE-2025-2327 was published Jun 16, 2025
A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.4 and... Moderate Unreviewed
CVE-2025-31199 was published May 30, 2025
Recording of environment variables, configured for running containers, in Docker Desktop... Moderate Unreviewed
CVE-2025-3911 was published Apr 29, 2025
In JetBrains TeamCity before 2025.03.1 base64-encoded credentials could be exposed in build logs Moderate Unreviewed
CVE-2025-46432 was published Apr 25, 2025
Hitachi Ops Center Common Services within Hitachi Ops Center OVA contains an information exposure... Moderate Unreviewed
CVE-2025-2300 was published Apr 22, 2025
Insertion of Sensitive Information into Log File vulnerability in WebToffee WordPress Backup &... Moderate Unreviewed
CVE-2025-24651 was published Apr 17, 2025
Improper restriction of environment variables in Elastic Defend can lead to exposure of sensitive... Moderate Unreviewed
CVE-2025-25013 was published Apr 9, 2025
Insertion of sensitive information into log file in Azure Local Cluster allows an authorized... Moderate Unreviewed
CVE-2025-25002 was published Apr 8, 2025
Insertion of Sensitive Information into Log File vulnerability in smackcoders AIO Performance... Moderate Unreviewed
CVE-2025-31788 was published Apr 1, 2025
IBM InfoSphere Information Server 11.7 could disclose sensitive user credentials from log files... Moderate Unreviewed
CVE-2024-7577 was published Mar 29, 2025
IBM UrbanCode Deploy (UCD) through 7.1.2.21, 7.2 through 7.2.3.14, and 7.3 through 7.3.2.0 / IBM... Moderate Unreviewed
CVE-2025-1998 was published Mar 27, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database