Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,743
Erlang
35
GitHub Actions
29
Go
2,318
Maven
5,000+
npm
3,950
NuGet
711
pip
3,730
Pub
12
RubyGems
920
Rust
965
Swift
38
Unreviewed advisories
All unreviewed
5,000+

503 advisories

Loading
Para Server Logs Sensitive Information Moderate
CVE-2025-48955 was published for com.erudika:para-server (Maven) May 30, 2025
A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.4 and... Moderate Unreviewed
CVE-2025-31199 was published May 30, 2025
zot logs secrets Moderate
CVE-2025-48374 was published for zotregistry.dev/zot (Go) May 22, 2025
lgtm-dude
Recording of environment variables, configured for running containers, in Docker Desktop... Moderate Unreviewed
CVE-2025-3911 was published Apr 29, 2025
In JetBrains TeamCity before 2025.03.1 base64-encoded credentials could be exposed in build logs Moderate Unreviewed
CVE-2025-46432 was published Apr 25, 2025
Hitachi Ops Center Common Services within Hitachi Ops Center OVA contains an information exposure... Moderate Unreviewed
CVE-2025-2300 was published Apr 22, 2025
Insertion of Sensitive Information into Log File vulnerability in WebToffee WordPress Backup &... Moderate Unreviewed
CVE-2025-24651 was published Apr 17, 2025
Directus inserts access token from query string into logs Moderate
CVE-2024-47822 was published for @directus/api (npm) Apr 14, 2025
licitdev
Microsoft Identity Web Exposes Client Secrets and Certificate Information in Service Logs Moderate
CVE-2025-32016 was published for Microsoft.Identity.Abstractions (NuGet) Apr 9, 2025
MarcelMichau jmprieur
jennyf19 keegan-caruso rymeskar
Apache ActiveMQ Artemis Vulnerable to Insertion of Sensitive Information into Log File Moderate
CVE-2025-27391 was published for org.apache.activemq:artemis-project (Maven) Apr 9, 2025
Apache Pulsar Kafka Connector Logs Sensitive Information in Application Logs Moderate
CVE-2025-30677 was published for org.apache.pulsar:pulsar-io-kafka (Maven) Apr 9, 2025
Improper restriction of environment variables in Elastic Defend can lead to exposure of sensitive... Moderate Unreviewed
CVE-2025-25013 was published Apr 9, 2025
Insertion of sensitive information into log file in Azure Local Cluster allows an authorized... Moderate Unreviewed
CVE-2025-25002 was published Apr 8, 2025
Insertion of Sensitive Information into Log File vulnerability in smackcoders AIO Performance... Moderate Unreviewed
CVE-2025-31788 was published Apr 1, 2025
IBM InfoSphere Information Server 11.7 could disclose sensitive user credentials from log files... Moderate Unreviewed
CVE-2024-7577 was published Mar 29, 2025
IBM UrbanCode Deploy (UCD) through 7.1.2.21, 7.2 through 7.2.3.14, and 7.3 through 7.3.2.0 / IBM... Moderate Unreviewed
CVE-2025-1998 was published Mar 27, 2025
In JetBrains TeamCity before 2025.03 base64 encoded password could be exposed in build log Moderate Unreviewed
CVE-2025-31139 was published Mar 27, 2025
HCL DevOps Deploy / HCL Launch stores potentially sensitive authentication token information in... Moderate Unreviewed
CVE-2025-0273 was published Mar 27, 2025
buildx allows a possible credential leakage to telemetry endpoint Moderate
CVE-2025-0495 was published for github.com/docker/buildx (Go) Mar 17, 2025
jstawinski
An insertion of sensitive information into log file vulnerabilities [CWE-532] in FortiManager... Moderate Unreviewed
CVE-2024-40585 was published Mar 14, 2025
CWE-532: Insertion of Sensitive Information into Log Files vulnerability exists that could cause... Moderate Unreviewed
CVE-2025-2002 was published Mar 12, 2025
Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker... Moderate Unreviewed
CVE-2025-24984 was published Mar 11, 2025
SAP Web Dispatcher and Internet Communication Manager allow an attacker with administrative... Moderate Unreviewed
CVE-2025-0071 was published Mar 11, 2025
Nomad is vulnerable to unintentional exposure of the workload identity token and client secret token in audit logs Moderate
CVE-2025-1296 was published for github.com/hashicorp/nomad (Go) Mar 10, 2025
A vulnerability exists in Docker Desktop prior to version 4.39.0 that could lead to the... Moderate Unreviewed
CVE-2025-1696 was published Mar 6, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database