Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

782 advisories

Loading
Windows Kernel Memory Information Disclosure Vulnerability Moderate Unreviewed
CVE-2025-21323 was published Jan 14, 2025
Windows Kernel Memory Information Disclosure Vulnerability Moderate Unreviewed
CVE-2025-21318 was published Jan 14, 2025
TYPO3 Information Disclosure via Exception Handling/Logger Low
CVE-2024-55891 was published for typo3/cms-install (Composer) Jan 14, 2025
ohader
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to an... Moderate Unreviewed
CVE-2024-40679 was published Jan 8, 2025
iTerm2 3.5.6 through 3.5.10 before 3.5.11 sometimes allows remote attackers to obtain sensitive... Critical Unreviewed
CVE-2025-22275 was published Jan 3, 2025
Disclosure of sensitive information in HikVision camera driver's log file in XProtect Device Pack... Moderate Unreviewed
CVE-2024-12569 was published Dec 19, 2024
IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 stores potentially... Moderate Unreviewed
CVE-2024-49816 was published Dec 17, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 11.0 prior to 17.4.6... Moderate Unreviewed
CVE-2024-12292 was published Dec 12, 2024
The issue was resolved by sanitizing logging. This issue is fixed in macOS Sequoia 15.2. An app... Moderate Unreviewed
CVE-2024-54484 was published Dec 12, 2024
Insertion of Sensitive Information into Log File (CWE-532) in the Gallagher Command Centre Alarm... High Unreviewed
CVE-2024-42407 was published Dec 12, 2024
User credentials (login & password) are inserted into log files when a user tries to authenticate... Low Unreviewed
CVE-2024-12057 was published Dec 9, 2024
Zammad before 6.4.1 places sensitive data (such as auth_microsoft_office365_credentials and... Moderate Unreviewed
CVE-2024-55578 was published Dec 9, 2024
HCL Launch stores potentially sensitive information in log files that could be read by a local... Moderate Unreviewed
CVE-2024-42196 was published Dec 6, 2024
Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p22, <2... Moderate Unreviewed
CVE-2024-47094 was published Nov 29, 2024
AnyDesk through 8.1.0 on Windows, when Allow Direct Connections is enabled, inadvertently exposes... High Unreviewed
CVE-2024-52940 was published Nov 18, 2024
An information disclosure vulnerability exists in Yugabyte Anywhere, where the LDAP bind password... Moderate Unreviewed
CVE-2024-11193 was published Nov 13, 2024
An information disclosure vulnerability exists in the backup configuration process where the SAS... Moderate Unreviewed
CVE-2024-11165 was published Nov 13, 2024
Git credentials are exposed in Atlantis logs High
CVE-2024-52009 was published for github.com/runatlantis/atlantis (Go) Nov 8, 2024
niooss-ledger
@workos-inc/authkit-remix refresh tokens are logged when the debug flag is enabled Low
CVE-2024-51753 was published for @workos-inc/authkit-remix (npm) Nov 5, 2024
@workos-inc/authkit-nextjs refresh tokens are logged when the debug flag is enabled Low
CVE-2024-51752 was published for @workos-inc/authkit-nextjs (npm) Nov 5, 2024
RichardoC
Vulnerability of improper log printing in the Super Home Screen module Impact: Successful... Moderate Unreviewed
CVE-2024-51528 was published Nov 5, 2024
The Woo Manage Fraud Orders plugin for WordPress is vulnerable to Sensitive Information Exposure... Moderate Unreviewed
CVE-2024-10544 was published Oct 31, 2024
An information disclosure issue was addressed with improved private data redaction for log... Moderate Unreviewed
CVE-2024-44239 was published Oct 28, 2024
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Low Unreviewed
CVE-2024-27849 was published Oct 28, 2024
The Snowflake Connector for Python stores sensitive data in logs Moderate
CVE-2024-49750 was published for snowflake-connector-python (pip) Oct 24, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database