Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
40
Go
2,957
Maven
5,000+
npm
4,607
NuGet
787
pip
4,306
Pub
12
RubyGems
984
Rust
1,121
Swift
49
Unreviewed advisories
All unreviewed
5,000+

119 advisories

Loading
Docker Desktop diagnostics bundles were found to include expired Hub PATs in log output due to... Low Unreviewed
CVE-2025-13743 was published Dec 9, 2025
Llama Stack exposes secret in initialization log Low
CVE-2026-25211 was published for llama-stack (pip) Jan 30, 2026
RustFS's RPC signature verification logs shared secret Low
CVE-2026-22782 was published for rustfs (Rust) Jan 16, 2026
rand-tech
Credited to rand-tech
Mattermost Desktop App exposes sensitive information in its application logs Low
CVE-2025-13321 was published for mattermost-desktop (npm) Dec 17, 2025
A logging issue was addressed with improved data redaction. This issue is fixed in macOS Tahoe 26... Low Unreviewed
CVE-2025-46277 was published Dec 17, 2025
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Low Unreviewed
CVE-2025-43517 was published Dec 12, 2025
A logging issue was addressed with improved data redaction. This issue is fixed in iOS 26.1 and... Low Unreviewed
CVE-2025-43423 was published Nov 4, 2025
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.2 before 18.4.5, 18... Low Unreviewed
CVE-2025-13611 was published Nov 26, 2025
Login credentials are inadvertently recorded in logs if a Syslog Server is configured in NETGEAR... Low Unreviewed
CVE-2025-12940 was published Nov 11, 2025
In Splunk Add-on for Palo Alto Networks versions below 2.0.2, the add-on exposes client secrets... Low Unreviewed
CVE-2025-20373 was published Nov 26, 2025
A privacy issue was addressed by not logging contents of text fields. This issue is fixed in... Low Unreviewed
CVE-2024-23242 was published Mar 8, 2024
This issue was addressed with improved redaction of sensitive information. This issue is fixed in... Low Unreviewed
CVE-2024-23210 was published Jan 23, 2024
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Low Unreviewed
CVE-2024-40791 was published Sep 17, 2024
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Low Unreviewed
CVE-2025-24145 was published Jan 28, 2025
ZohoCorp ManageEngine Endpoint Central versions prior to 11.4.2528.05 are vulnerable to a... Low Unreviewed
CVE-2025-11248 was published Oct 27, 2025
An Insertion of Sensitive Information into Log File vulnerability [CWE-532] in FortiOS 7.6.0... Low Unreviewed
CVE-2025-31514 was published Oct 14, 2025
IBM Transformation Extender Advanced 10.0.1 stores potentially sensitive information in log files... Low Unreviewed
CVE-2023-50301 was published Oct 1, 2025
IBM Lakehouse (watsonx.data 2.2) stores potentially sensitive information in log files that could... Low Unreviewed
CVE-2025-36144 was published Sep 27, 2025
Template Secret leakage in logs in Scaffolder when using `fetch:template` Low
CVE-2025-55285 was published for @backstage/plugin-scaffolder-backend (npm) Aug 15, 2025
cai0duque
Credited to cai0duque
A problem with the Palo Alto Networks Cortex XDR Microsoft 365 Defender Pack can result in... Low Unreviewed
CVE-2025-4234 was published Sep 12, 2025
On affected platforms running Arista EOS, the global common encryption key configuration may be... Low Unreviewed
CVE-2025-3456 was published Aug 26, 2025
Insertion of sensitive information into log file issue exists in "region PAY" App for Android... Low Unreviewed
CVE-2025-52580 was published Jul 22, 2025
Snyk CLI Insertion of Sensitive Information into Log File allowed in DEBUG or DEBUG/TRACE mode Low
CVE-2025-6624 was published for github.com/snyk/go-application-framework (Go) Jun 26, 2025
Philips IntelliBridge Enterprise (IBE), Versions B.12 and prior, IntelliBridge Enterprise system... Low Unreviewed
CVE-2020-12023 was published May 24, 2022
A insertion of sensitive information into log file in Fortinet FortiPortal versions 7.4.0,... Low Unreviewed
CVE-2025-46777 was published May 28, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database