Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,743
Erlang
35
GitHub Actions
29
Go
2,318
Maven
5,000+
npm
3,950
NuGet
711
pip
3,730
Pub
12
RubyGems
920
Rust
965
Swift
38
Unreviewed advisories
All unreviewed
5,000+

65 advisories

Loading
Large content vulnerabilities are present in ASPECT exposing a device to disk overutilization on... Moderate Unreviewed
CVE-2024-13949 was published May 22, 2025
Improper Output Neutralization for Logs vulnerability in Tridium Niagara Framework on Windows,... Moderate Unreviewed
CVE-2025-3942 was published May 22, 2025
a-blog cms multiple versions neutralize logs improperly. If this vulnerability is exploited with... Low Unreviewed
CVE-2025-41429 was published May 19, 2025
In Nessus versions prior to 10.8.4, a non-authenticated attacker could alter Nessus logging... Moderate Unreviewed
CVE-2025-36625 was published Apr 18, 2025
An Improper Output Neutralization for Logs vulnerability [CWE-117] in FortiAnalyzer version 7.6.1... Moderate Unreviewed
CVE-2024-52962 was published Apr 8, 2025
LiteLLM Reveals Portion of API Key via a Logging File High
CVE-2024-9606 was published for litellm (pip) Mar 20, 2025
A vulnerability in danny-avila/librechat prior to version 0.7.6 allows for logs debug injection.... Moderate Unreviewed
CVE-2024-12580 was published Mar 20, 2025
Envoy Gateway Log Injection Vulnerability Moderate
CVE-2025-25294 was published for github.com/envoyproxy/gateway (Go) Mar 6, 2025
denniskniep zirain
guydc
Escape Sequence Injection vulnerability in Rack lead to Possible Log Injection Moderate
CVE-2025-27111 was published for rack (RubyGems) Mar 4, 2025
Masamuneee ioquatix
jeremyevans
Unauthenticated log effects metrics gathering incident response efforts and potentially exposes... Moderate Unreviewed
CVE-2025-23405 was published Feb 28, 2025
IBM OpenPages with Watson 8.3 and 9.0 may write improperly neutralized data to server log files... Moderate Unreviewed
CVE-2024-49355 was published Feb 20, 2025
Possible Log Injection in Rack::CommonLogger Moderate
CVE-2025-25184 was published for rack (RubyGems) Feb 12, 2025
HexSave jeremyevans
ioquatix taketo1113 nick-f vladimir-mencl-eresearch lostapathy matthewbjones lfittl
IBM Aspera Shares 1.9.0 through 1.10.0 PL6 could allow an attacker to spoof their IP address,... Moderate Unreviewed
CVE-2024-56473 was published Feb 6, 2025
The vulnerability was found in OpenShift Service Mesh 2.6.3 and 2.5.6. This issue occurs due to... Moderate Unreviewed
CVE-2025-0754 was published Jan 28, 2025
IBM Maximo Application Suite 8.10.12, 8.11.0, 9.0.1, and 9.1.0 - Monitor Component does not... Moderate Unreviewed
CVE-2024-35150 was published Jan 25, 2025
IBM Concert Software 1.0.0, 1.0.1, 1.0.2, 1.0.2.1, and 1.0.3 could allow an authenticated user... Moderate Unreviewed
CVE-2024-52891 was published Jan 7, 2025
Seth Fogie, member of AXIS Camera Station Pro Bug Bounty Program, has found that it is possible... Moderate Unreviewed
CVE-2024-7696 was published Jan 7, 2025
A vulnerability was found in master-nan Sweet-CMS up to 5f441e022b8876f07cde709c77b5be6d2f262e3f.... Moderate Unreviewed
CVE-2024-8334 was published Aug 30, 2024
A vulnerability was found in kitsada8621 Digital Library Management System 1.0. It has been... Moderate Unreviewed
CVE-2024-8297 was published Aug 29, 2024
Improper output Neutralization for Logs (CWE-117) in the Command Centre API Diagnostics Endpoint... Low Unreviewed
CVE-2024-23194 was published Jul 11, 2024
NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where a user can... Critical Unreviewed
CVE-2024-0095 was published Jun 14, 2024
An issue was discovered in Italtel Embrace 1.6.4. The product does not neutralize or incorrectly... Moderate Unreviewed
CVE-2024-31845 was published May 21, 2024
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 is vulnerable to injection attacks in... Moderate Unreviewed
CVE-2023-28952 was published May 3, 2024
Triangle MicroWorks SCADA Data Gateway Event Log Improper Output Neutralization For Logs... Moderate Unreviewed
CVE-2023-39461 was published May 3, 2024
IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.2 is vulnerable to injection... High Unreviewed
CVE-2024-25047 was published May 2, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database