Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,340
Erlang
31
GitHub Actions
22
Go
2,101
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
885
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

618 advisories

Loading
Insertion of Sensitive Information into Log File vulnerability observed in FLEXON. Some... Moderate Unreviewed
CVE-2024-48852 was published Jan 29, 2025
Certain errors of the upstream libraries will insert sensitive information in the OTRS or ((OTRS)... Moderate Unreviewed
CVE-2025-24389 was published Jan 27, 2025
IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.3.6 iFix1, 2... Moderate Unreviewed
CVE-2023-38271 was published Jan 25, 2025
In JetBrains YouTrack before 2024.3.55417 permanent tokens could be exposed in logs Moderate Unreviewed
CVE-2025-24457 was published Jan 21, 2025
IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.24, 7.1 through 7.1.2.10, and 7.2 through 7.2.3.13... Moderate Unreviewed
CVE-2024-45091 was published Jan 21, 2025
Under certain log settings the IAM or CORE service will log credentials in the iam logfile in... Moderate Unreviewed
CVE-2024-11923 was published Jan 18, 2025
In affected versions of the Octopus Kubernetes worker or agent, sensitive variables could be... Moderate Unreviewed
CVE-2024-12226 was published Jan 16, 2025
Windows Kernel Memory Information Disclosure Vulnerability Moderate Unreviewed
CVE-2025-21316 was published Jan 14, 2025
Windows Kernel Memory Information Disclosure Vulnerability Moderate Unreviewed
CVE-2025-21320 was published Jan 14, 2025
Windows Kernel Memory Information Disclosure Vulnerability Moderate Unreviewed
CVE-2025-21319 was published Jan 14, 2025
Windows Kernel Memory Information Disclosure Vulnerability Moderate Unreviewed
CVE-2025-21317 was published Jan 14, 2025
Windows Kernel Memory Information Disclosure Vulnerability Moderate Unreviewed
CVE-2025-21321 was published Jan 14, 2025
Windows Kernel Memory Information Disclosure Vulnerability Moderate Unreviewed
CVE-2025-21318 was published Jan 14, 2025
Windows Kernel Memory Information Disclosure Vulnerability Moderate Unreviewed
CVE-2025-21323 was published Jan 14, 2025
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to an... Moderate Unreviewed
CVE-2024-40679 was published Jan 8, 2025
iTerm2 3.5.6 through 3.5.10 before 3.5.11 sometimes allows remote attackers to obtain sensitive... Critical Unreviewed
CVE-2025-22275 was published Jan 3, 2025
Disclosure of sensitive information in HikVision camera driver's log file in XProtect Device Pack... Moderate Unreviewed
CVE-2024-12569 was published Dec 19, 2024
IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 stores potentially... Moderate Unreviewed
CVE-2024-49816 was published Dec 17, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 11.0 prior to 17.4.6... Moderate Unreviewed
CVE-2024-12292 was published Dec 12, 2024
The issue was resolved by sanitizing logging. This issue is fixed in macOS Sequoia 15.2. An app... Moderate Unreviewed
CVE-2024-54484 was published Dec 12, 2024
Insertion of Sensitive Information into Log File (CWE-532) in the Gallagher Command Centre Alarm... High Unreviewed
CVE-2024-42407 was published Dec 12, 2024
User credentials (login & password) are inserted into log files when a user tries to authenticate... Low Unreviewed
CVE-2024-12057 was published Dec 9, 2024
Zammad before 6.4.1 places sensitive data (such as auth_microsoft_office365_credentials and... Moderate Unreviewed
CVE-2024-55578 was published Dec 9, 2024
HCL Launch stores potentially sensitive information in log files that could be read by a local... Moderate Unreviewed
CVE-2024-42196 was published Dec 6, 2024
Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p22, <2... Moderate Unreviewed
CVE-2024-47094 was published Nov 29, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database