GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,730
Composer 5,030
Erlang 39
GitHub Actions 38
Go 2,670
Maven 6,116
npm 4,296
NuGet 760
pip 4,075
Pub 12
RubyGems 957
Rust 1,058
Swift 45

Unreviewed advisories

All unreviewed 277,922

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

38 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

IBM Concert 1.0.0 through 2.0.0 could allow a local user to forge log files to impersonate other... Moderate Unreviewed

CVE-2025-36159 was published Nov 21, 2025

The Site Checkup Debug AI Troubleshooting with Wizard and Tips for Each Issue plugin for... Moderate Unreviewed

CVE-2025-11627 was published Oct 30, 2025

IBM Concert Software 1.0.0 through 2.0.0 could allow a user to modify system logs due to... Moderate Unreviewed

CVE-2025-36081 was published Oct 28, 2025

An API endpoint allows arbitrary log entries to be created via POST request. Without... Moderate Unreviewed

CVE-2025-58580 was published Oct 6, 2025

A vulnerability exists in Asset Suite for an authenticated user to manipulate the content of... Moderate Unreviewed

CVE-2025-10217 was published Sep 30, 2025

Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. When using JSONLayout,... Moderate Unreviewed

CVE-2025-54813 was published Aug 22, 2025

Large content vulnerabilities are present in ASPECT exposing a device to disk overutilization on... Moderate Unreviewed

CVE-2024-13949 was published May 22, 2025

Improper Output Neutralization for Logs vulnerability in Tridium Niagara Framework on Windows,... Moderate Unreviewed

CVE-2025-3942 was published May 22, 2025

In Nessus versions prior to 10.8.4, a non-authenticated attacker could alter Nessus logging... Moderate Unreviewed

CVE-2025-36625 was published Apr 18, 2025

An Improper Output Neutralization for Logs vulnerability [CWE-117] in FortiAnalyzer version 7.6.1... Moderate Unreviewed

CVE-2024-52962 was published Apr 8, 2025

A vulnerability in danny-avila/librechat prior to version 0.7.6 allows for logs debug injection.... Moderate Unreviewed

CVE-2024-12580 was published Mar 20, 2025

Unauthenticated log effects metrics gathering incident response efforts and potentially exposes... Moderate Unreviewed

CVE-2025-23405 was published Feb 28, 2025

IBM OpenPages with Watson 8.3 and 9.0 may write improperly neutralized data to server log files... Moderate Unreviewed

CVE-2024-49355 was published Feb 20, 2025

IBM Aspera Shares 1.9.0 through 1.10.0 PL6 could allow an attacker to spoof their IP address,... Moderate Unreviewed

CVE-2024-56473 was published Feb 6, 2025

The vulnerability was found in OpenShift Service Mesh 2.6.3 and 2.5.6. This issue occurs due to... Moderate Unreviewed

CVE-2025-0754 was published Jan 28, 2025

IBM Maximo Application Suite 8.10.12, 8.11.0, 9.0.1, and 9.1.0 - Monitor Component does not... Moderate Unreviewed

CVE-2024-35150 was published Jan 25, 2025

IBM Concert Software 1.0.0, 1.0.1, 1.0.2, 1.0.2.1, and 1.0.3 could allow an authenticated user... Moderate Unreviewed

CVE-2024-52891 was published Jan 7, 2025

Seth Fogie, member of AXIS Camera Station Pro Bug Bounty Program, has found that it is possible... Moderate Unreviewed

CVE-2024-7696 was published Jan 7, 2025

A vulnerability was found in master-nan Sweet-CMS up to 5f441e022b8876f07cde709c77b5be6d2f262e3f.... Moderate Unreviewed

CVE-2024-8334 was published Aug 30, 2024

A vulnerability was found in kitsada8621 Digital Library Management System 1.0. It has been... Moderate Unreviewed

CVE-2024-8297 was published Aug 29, 2024

An issue was discovered in Italtel Embrace 1.6.4. The product does not neutralize or incorrectly... Moderate Unreviewed

CVE-2024-31845 was published May 21, 2024

IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 is vulnerable to injection attacks in... Moderate Unreviewed

CVE-2023-28952 was published May 3, 2024

Triangle MicroWorks SCADA Data Gateway Event Log Improper Output Neutralization For Logs... Moderate Unreviewed

CVE-2023-39461 was published May 3, 2024

IBM App Connect Enterprise 11.0.0.1 through 11.0.0.23, 12.0.1.0 through 12.0.9.0 and IBM... Moderate Unreviewed

CVE-2024-22356 was published Mar 26, 2024

IBM SOAR QRadar Plugin App 1.0 through 5.0.3 could allow an authenticated user to manipulate... Moderate Unreviewed

CVE-2023-38020 was published Feb 2, 2024

Previous12 Next

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

38 advisories