Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,864
Erlang
36
GitHub Actions
36
Go
2,491
Maven
5,000+
npm
4,107
NuGet
735
pip
3,929
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

104 advisories

Loading
On affected platforms running Arista EOS, the global common encryption key configuration may be... Low Unreviewed
CVE-2025-3456 was published Aug 26, 2025
Template Secret leakage in logs in Scaffolder when using `fetch:template` Low
CVE-2025-55285 was published for @backstage/plugin-scaffolder-backend (npm) Aug 15, 2025
Insertion of sensitive information into log file issue exists in "region PAY" App for Android... Low Unreviewed
CVE-2025-52580 was published Jul 22, 2025
Snyk CLI Insertion of Sensitive Information into Log File allowed in DEBUG or DEBUG/TRACE mode Low
CVE-2025-6624 was published for github.com/snyk/go-application-framework (Go) Jun 26, 2025
Philips IntelliBridge Enterprise (IBE), Versions B.12 and prior, IntelliBridge Enterprise system... Low Unreviewed
CVE-2020-12023 was published May 24, 2022
This issue was addressed with improved redaction of sensitive information. This issue is fixed in... Low Unreviewed
CVE-2024-23210 was published Jan 23, 2024
A insertion of sensitive information into log file in Fortinet FortiPortal versions 7.4.0,... Low Unreviewed
CVE-2025-46777 was published May 28, 2025
Cloud Foundry UAA release versions from v77.21.0 to v7.31.0 are vulnerable to a private key... Low Unreviewed
CVE-2025-22246 was published May 13, 2025
In Snowflake ODBC Driver before 3.7.0, in certain code paths, the Driver logged the whole SQL... Low Unreviewed
CVE-2025-46614 was published Apr 28, 2025
Insertion of Sensitive Information into Log File vulnerability in WebToffee WordPress Backup &... Low Unreviewed
CVE-2024-31254 was published Apr 10, 2024
In JetBrains IntelliJ IDEA before 2024.3, 2024.2.4 source code could be logged in the idea.log file Low Unreviewed
CVE-2025-32054 was published Apr 3, 2025
Snowflake JDBC Driver client-side encryption key in DEBUG logs Low
CVE-2025-27496 was published for net.snowflake:snowflake-jdbc (Maven) Mar 13, 2025
IBM Security Verify Bridge Directory Sync 1.0.1 through 1.0.12, IBM Security Verify Gateway for... Low Unreviewed
CVE-2024-45674 was published Feb 22, 2025
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Low Unreviewed
CVE-2025-24145 was published Jan 28, 2025
TYPO3 Information Disclosure via Exception Handling/Logger Low
CVE-2024-55891 was published for typo3/cms-install (Composer) Jan 14, 2025
ohader
User credentials (login & password) are inserted into log files when a user tries to authenticate... Low Unreviewed
CVE-2024-12057 was published Dec 9, 2024
@workos-inc/authkit-nextjs refresh tokens are logged when the debug flag is enabled Low
CVE-2024-51752 was published for @workos-inc/authkit-nextjs (npm) Nov 5, 2024
RichardoC
@workos-inc/authkit-remix refresh tokens are logged when the debug flag is enabled Low
CVE-2024-51753 was published for @workos-inc/authkit-remix (npm) Nov 5, 2024
A privacy issue was addressed by not logging contents of text fields. This issue is fixed in... Low Unreviewed
CVE-2024-23242 was published Mar 8, 2024
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Low Unreviewed
CVE-2024-27849 was published Oct 28, 2024
A vulnerability was found in code-projects Dormitory Management System 1.0. It has been rated as... Low Unreviewed
CVE-2024-0472 was published Jan 13, 2024
A vulnerability classified as problematic has been found in Beijing Baichuo Smart S150 Management... Low Unreviewed
CVE-2024-0716 was published Jan 19, 2024
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Low Unreviewed
CVE-2024-40791 was published Sep 17, 2024
The com.cascadialabs.who (aka Who - Caller ID, Spam Block) application 15.0 for Android places... Low Unreviewed
CVE-2024-40096 was published Aug 5, 2024
Sensitive data exposure in Webconf in Tribe29 Checkmk Appliance before 1.6.8 allows local... Low Unreviewed
CVE-2023-6287 was published Nov 27, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database