GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
440 advisories
Filter by severity
MoinMoin Insertion of Sensitive Information into Log File
Moderate
CVE-2007-0902
was published
for
moin
(pip)
May 1, 2022
The log files in Apache web server contain information directly supplied by clients and does not...
Moderate
Unreviewed
CVE-2001-1556
was published
Apr 30, 2022
cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains...
Moderate
Unreviewed
CVE-2022-29869
was published
Apr 29, 2022
Foundry Issues service versions 2.244.0 to 2.249.0 was found to be logging in a manner that...
Moderate
Unreviewed
CVE-2022-27888
was published
Apr 28, 2022
Insertion of Sensitive Information into Log File in Hashicorp go-getter
Moderate
CVE-2022-29810
was published
for
github.com/hashicorp/go-getter
(Go)
Apr 28, 2022
IBM QRadar SIEM 7.3, 7.4, and 7.5 stores potentially sensitive information in log files that...
Moderate
Unreviewed
CVE-2021-38939
was published
Apr 28, 2022
Azure SDK for .NET Information Disclosure Vulnerability.
Moderate
CVE-2022-26907
was published
for
Microsoft.Rest.ClientRuntime
(NuGet)
Apr 16, 2022
In CMDBuild from version 3.0 to 3.3.2 payload requests are saved in a temporary log table, which...
Moderate
Unreviewed
CVE-2022-25518
was published
Mar 24, 2022
Insertion of Sensitive Information into Log File in ansible
Moderate
CVE-2021-20180
was published
for
ansible
(pip)
Mar 17, 2022
A vulnerability has been identified in Climatix POL909 (AWB module) (All versions < V11.44),...
Moderate
Unreviewed
CVE-2021-41543
was published
Mar 9, 2022
The CorreosExpress WordPress plugin through 2.6.0 generates log files which are publicly...
Moderate
Unreviewed
CVE-2021-25009
was published
Mar 8, 2022
Wildfly logs plaintext passwords
Moderate
CVE-2020-25640
was published
for
org.wildfly:wildfly-parent
(Maven)
Feb 15, 2022
VMware Cloud Foundation contains an information disclosure vulnerability due to logging of...
Moderate
Unreviewed
CVE-2022-22939
was published
Feb 11, 2022
An information exposure through log file vulnerability exists in the Palo Alto Networks...
Moderate
Unreviewed
CVE-2022-0021
was published
Feb 11, 2022
A vulnerability in the audit log of Cisco DNA Center could allow an authenticated, local attacker...
Moderate
Unreviewed
CVE-2022-20630
was published
Feb 11, 2022
Improper Output Neutralization and Improper Encoding or Escaping of Output for Logs in ansible
Moderate
CVE-2020-14330
was published
for
ansible
(pip)
Feb 9, 2022
Insertion of Sensitive Information into Log File and Improper Output Neutralization for Logs in ansible
Moderate
CVE-2020-14332
was published
for
ansible
(pip)
Feb 9, 2022
loguru vulnerable to improper privilege management
Moderate
CVE-2022-0338
was published
for
loguru
(pip)
Jan 26, 2022
In Stormshield SSO Agent 2.x before 2.1.1 and 3.x before 3.0.2, the cleartext user password and...
Moderate
Unreviewed
CVE-2022-22703
was published
Jan 18, 2022
IBM Sterling Gentran:Server for Microsoft Windows 5.3 stores potentially sensitive information in...
Moderate
Unreviewed
CVE-2021-39032
was published
Jan 15, 2022
SAP Business One - version 10.0, extended log stores information that can be of a sensitive...
Moderate
Unreviewed
CVE-2021-44234
was published
Jan 15, 2022
Docker Desktop version 4.3.0 and 4.3.1 has a bug that may log sensitive information (access token...
Moderate
Unreviewed
CVE-2021-45449
was published
Jan 13, 2022
Apache NiFi Insertion of Sensitive Information into Log File
Moderate
CVE-2020-1928
was published
for
org.apache.nifi:nifi-parameter
(Maven)
Jan 6, 2022
Dell EMC Avamar versions 18.2,19.1,19.2,19.3,19.4 contain a plain-text password storage...
Moderate
Unreviewed
CVE-2021-36318
was published
Dec 22, 2021
In handleUpdateNetworkState of GnssNetworkConnectivityHandler.java , there is a possible APN...
Moderate
Unreviewed
CVE-2021-0997
was published
Dec 16, 2021
ProTip!
Advisories are also available from the
GraphQL API