Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+

440 advisories

Loading
Insertion of Sensitive Information into Log File vulnerability in Frédéric GILLES FG PrestaShop... Moderate Unreviewed
CVE-2024-30511 was published Mar 29, 2024
Insertion of Sensitive Information into Log File vulnerability in Seraphinite Solutions... Moderate Unreviewed
CVE-2024-22138 was published Mar 28, 2024
Insertion of Sensitive Information into Log File vulnerability in PeepSo Community by PeepSo.This... Moderate Unreviewed
CVE-2024-25923 was published Mar 28, 2024
Dell Grab for Windows, versions 5.0.4 and below, contains a cleartext storage of sensitive... Moderate Unreviewed
CVE-2024-25957 was published Mar 26, 2024
IBM InfoSphere Information Server 11.7 stores potentially sensitive information in log files that... Moderate Unreviewed
CVE-2024-22352 was published Mar 21, 2024
Potential log injection in reset user endpoint in CKAN Moderate
CVE-2024-27097 was published for ckan (pip) Mar 13, 2024
ZuhairORZaki
IBM Maximo Application Suite - Maximo Mobile for EAM 8.10 and 8.11 could disclose sensitive... Moderate Unreviewed
CVE-2023-43043 was published Mar 13, 2024
Insertion of Sensitive Information into Log File vulnerability in Hitachi Cosminexus Component... Moderate Unreviewed
CVE-2023-6814 was published Mar 12, 2024
IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an... Moderate Unreviewed
CVE-2023-46171 was published Mar 7, 2024
Apache Linkis DataSource: DataSource module Oracle SQL Database Password Logged Moderate
CVE-2023-50740 was published for org.apache.linkis:linkis (Maven) Mar 6, 2024
oscerd
IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10... Moderate Unreviewed
CVE-2023-50951 was published Feb 17, 2024
IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10... Moderate Unreviewed
CVE-2024-22337 was published Feb 17, 2024
IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10... Moderate Unreviewed
CVE-2024-22335 was published Feb 17, 2024
IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10... Moderate Unreviewed
CVE-2024-22336 was published Feb 17, 2024
Dell EMC AppSync, versions from 4.2.0.0 to 4.6.0.0 including all Service Pack releases, contain... Moderate Unreviewed
CVE-2024-22464 was published Feb 8, 2024
glance-store logs s3 access keys Moderate
CVE-2024-1141 was published for glance-store (pip) Feb 1, 2024
m3t3kh4n
An insertion of Sensitive Information into Log File vulnerability is affecting DELMIA Apriso... Moderate Unreviewed
CVE-2024-0935 was published Feb 1, 2024
Hashicorp Vault may expose sensitive log information Moderate
CVE-2024-0831 was published for github.com/hashicorp/vault (Go) Feb 1, 2024
`goreleaser release --debug` shows secrets Moderate
CVE-2024-23840 was published for github.com/goreleaser/goreleaser (Go) Jan 30, 2024
andreaangiolillo caarlos0
In Splunk Add-on Builder versions below 4.1.4, the application writes user session tokens to its... Moderate Unreviewed
CVE-2023-46231 was published Jan 30, 2024
Insertion of debug information into log file during building the elastic search index allows... Moderate Unreviewed
CVE-2024-23791 was published Jan 29, 2024
In Splunk Enterprise versions below 9.0.8, the Splunk RapidDiag utility discloses server... Moderate Unreviewed
CVE-2024-23677 was published Jan 22, 2024
Insertion of Sensitive Information into Log File in OWASP DependencyCheck Moderate
CVE-2024-23686 was published for org.owasp:dependency-check-ant (Maven) Jan 20, 2024
r3kumar
react-native-mmkv Insertion of Sensitive Information into Log File vulnerability Moderate
CVE-2024-21668 was published for react-native-mmkv (npm) Jan 9, 2024
maxammann
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WPMU DEV Defender... Moderate Unreviewed
CVE-2023-51490 was published Jan 8, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database