Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,831
Maven
5,000+
npm
4,462
NuGet
775
pip
4,226
Pub
12
RubyGems
972
Rust
1,093
Swift
47
Unreviewed advisories
All unreviewed
5,000+

948 advisories

Loading
A vulnerability. When org.apache.linkis.metadata.util.HiveUtils.decode() fails to perform Base64... Unknown Unreviewed
CVE-2025-59355 was published Jan 19, 2026
A logging issue was addressed with improved data redaction. This issue is fixed in macOS Tahoe 26... Moderate Unreviewed
CVE-2025-43508 was published Jan 16, 2026
RustFS's RPC signature verification logs shared secret Low
CVE-2026-22782 was published for rustfs (Rust) Jan 16, 2026
rand-tech
Credited to rand-tech
Apache Airflow proxy credentials for various providers might leak in task logs High
CVE-2025-68675 was published for apache-airflow (pip) Jan 16, 2026
Pimcore ENV Variables and Cookie Informations are exposed in http_error_log High
CVE-2026-23493 was published for pimcore/pimcore (Composer) Jan 15, 2026
putzflorian
Credited to putzflorian
hermes's raw options logging may disclose secrets passed in via subcommand options argument Moderate
CVE-2026-22798 was published for hermes (pip) Jan 13, 2026
thunze sdruskat
zyzzyxdonta
Credited to thunze, sdruskat, and zyzzyxdonta
Insertion of sensitive information into log file in Windows Kernel allows an unauthorized... Moderate Unreviewed
CVE-2026-20818 was published Jan 13, 2026
Fujitsu / Fsas Technologies ETERNUS SF ACM/SC/Express (DX / AF Management Software) before 16.8... Moderate Unreviewed
CVE-2025-68919 was published Dec 24, 2025
IBM App Connect Enterprise Certified Container CD: 9.2.0 through 11.6.0, 12.1.0 through 12.14.0,... Moderate Unreviewed
CVE-2025-36133 was published Dec 18, 2025
The Hummingbird Performance plugin for WordPress is vulnerable to Sensitive Information Exposure... High Unreviewed
CVE-2025-14437 was published Dec 18, 2025
A logging issue was addressed with improved data redaction. This issue is fixed in macOS Tahoe 26... Low Unreviewed
CVE-2025-46277 was published Dec 17, 2025
A logging issue was addressed with improved data redaction. This issue is fixed in iOS 26.2 and... Moderate Unreviewed
CVE-2025-43475 was published Dec 17, 2025
Mattermost Desktop App exposes sensitive information in its application logs Low
CVE-2025-13321 was published for mattermost-desktop (npm) Dec 17, 2025
In limited scenarios, sensitive data might be written to the log file if an admin uses Microsoft... High Unreviewed
CVE-2025-14432 was published Dec 16, 2025
A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sonoma... Moderate Unreviewed
CVE-2025-43538 was published Dec 12, 2025
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Low Unreviewed
CVE-2025-43517 was published Dec 12, 2025
Docker Desktop diagnostics bundles were found to include expired Hub PATs in log output due to... Low Unreviewed
CVE-2025-13743 was published Dec 9, 2025
An insertion of sensitive information into log file vulnerability [CWE-532] in FortiOS 7.4.0... Moderate Unreviewed
CVE-2024-47570 was published Dec 9, 2025
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.18 could disclose sensitive user... Moderate Unreviewed
CVE-2025-64650 was published Dec 9, 2025
ReQuest Serious Play F3 Media Server versions 7.0.3.4968 (Pro), 7.0.2.4954, 6.5.2.4954, 6.4.2... High Unreviewed
CVE-2020-36876 was published Dec 5, 2025
Medtronic CareLink Network allows a local attacker with access to log files on an internal API... Moderate Unreviewed
CVE-2025-12996 was published Dec 4, 2025
Ansible Community General Collection is vulnerable to exposure of sensitive information Moderate
CVE-2025-14010 was published for ansible (pip) Dec 4, 2025
reanguiano
Credited to reanguiano
Coder logs sensitive objects unsanitized High
CVE-2025-66411 was published for github.com/coder/coder/v2 (Go) Dec 3, 2025
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.2 before 18.4.5, 18... Low Unreviewed
CVE-2025-13611 was published Nov 26, 2025
In Splunk Add-on for Palo Alto Networks versions below 2.0.2, the add-on exposes client secrets... Low Unreviewed
CVE-2025-20373 was published Nov 26, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database