GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
90 advisories
Puppet Bolt prior to version 3.24.0 will print sensitive parameters when planning a run resulting...
Low | Unreviewed | CVE-2022-2394 was published Jul 20, 2022
In JetBrains PhpStorm before 2023.1 source code could be logged in the local idea.log file
Low | Unreviewed | CVE-2022-48435 was published Apr 4, 2023
IBM Robotic Process Automation with Automation Anywhere 11 information disclosure could allow a...
Low | Unreviewed | CVE-2019-4296 was published May 24, 2022
The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization (RHEV) Engine 4.0...
Low | Unreviewed | CVE-2016-5432 was published May 17, 2022
In M-Files Server product with versions before 21.11.10775.0, enabling logging of Federated...
Low | Unreviewed | CVE-2021-41808 was published Jan 19, 2022
The LinuxMagic MagicSpam extension before 2.0.14-1 for Plesk allows local users to discover...
Low | Unreviewed | CVE-2018-5693 was published May 14, 2022
Insertion of Sensitive Information into Log in PushRegIdUpdateClient of SReminder prior to 8.2.01...
Low | Unreviewed | CVE-2022-39876 was published Oct 7, 2022
IBM QRadar 7.3 stores potentially sensitive information in log files that could be read by a...
Low | Unreviewed | CVE-2017-1733 was published May 13, 2022
In OnMetadataChangedListener of AdvancedBluetoothDetailsHeaderController.java, there is a...
Low | Unreviewed | CVE-2021-0991 was published Dec 16, 2021
(1) impl_db2.py and (2) impl_mongodb.py in OpenStack Ceilometer 2013.2 and earlier, when the...
Low | Unreviewed | CVE-2013-6384 was published May 13, 2022
The commandline package update tool zypper writes HTTP proxy credentials into its logfile,...
Low | Unreviewed | CVE-2017-9271 was published May 13, 2022
The destroy_one_secret function in nm-setting-vpn.c in libnm-util in the NetworkManager package 0...
Low | Unreviewed | CVE-2011-1943 was published May 13, 2022
Sensitive information exposure vulnerability in FmmBaseModel in Galaxy Buds Pro Manage prior to...
Low | Unreviewed | CVE-2022-39893 was published Nov 10, 2022
An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS...
Low | Unreviewed | CVE-2021-3037 was published May 24, 2022
Dell Wyse ThinOS, versions 9.0, 9.1, and 9.1 MR1, contain a Sensitive Information Disclosure...
Low | Unreviewed | CVE-2021-21598 was published May 24, 2022
Dell Wyse ThinOS, version 9.0, contains a Sensitive Information Disclosure Vulnerability. An...
Low | Unreviewed | CVE-2021-21597 was published May 24, 2022
IBM App Connect Enterprise Certified Container 1.0, 1.1, 1.2, and 1.3 could allow a privileged...
Low | Unreviewed | CVE-2021-29759 was published May 24, 2022
Automox Agent prior to version 31 logs potentially sensitive information in local log files,...
Low | Unreviewed | CVE-2021-26908 was published May 24, 2022
Information Exposure vulnerability in Samsung Account prior to version 12.1.1.3 allows physically...
Low | Unreviewed | CVE-2021-25350 was published May 24, 2022
An information exposure through log file vulnerability exists where the password for the...
Low | Unreviewed | CVE-2020-2048 was published May 24, 2022
Information Disclosure Vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7...
Low | Unreviewed | CVE-2020-7322 was published May 24, 2022
An information exposure vulnerability in the logging component of Palo Alto Networks Global...
Low | Unreviewed | CVE-2020-1987 was published May 24, 2022
An internal product security audit of Lenovo XClarity Administrator (LXCA) discovered Windows OS...
Low | Unreviewed | CVE-2019-19756 was published May 24, 2022
The authentication mechanism, in Brocade SANnav versions before v2.0, logs plaintext account...
Low | Unreviewed | CVE-2019-16206 was published May 24, 2022
Traefik may display authorization header in the debug logs
Low | CVE-2022-23469 was published for github.com/traefik/traefik/v2 (Go) Dec 8, 2022