Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

602 advisories

Loading
Insertion of sensitive information in the centralized (Grafana) logging system in ProLion... Critical Unreviewed
CVE-2023-36649 was published Dec 12, 2023
Sensitive data exposure in Webconf in Tribe29 Checkmk Appliance before 1.6.8 allows local... Low Unreviewed
CVE-2023-6287 was published Nov 27, 2023
Cron log backup files contain administrator session IDs. It is trivial for any attacker who can... High Unreviewed
CVE-2023-4677 was published Nov 23, 2023
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.1... Moderate Unreviewed
CVE-2023-25682 was published Nov 22, 2023
An issue was identified by Elastic whereby sensitive information is recorded in Logstash logs... High Unreviewed
CVE-2023-46672 was published Nov 15, 2023
Insertion of sensitive information into log file in some Intel(R) On Demand software before... Moderate Unreviewed
CVE-2023-32283 was published Nov 14, 2023
Insertion of sensitive information into log file for some Intel Unison software may allow an... Low Unreviewed
CVE-2022-46647 was published Nov 14, 2023
The affected versions of MongoDB Atlas Kubernetes Operator may print sensitive information like... High Unreviewed
CVE-2023-0436 was published Nov 14, 2023
An insertion of sensitive information into log file vulnerability [CWE-532] in FortiSIEM version... Low Unreviewed
CVE-2023-45585 was published Nov 14, 2023
In User Backup Manager, there is a possible way to leak a token to bypass user confirmation for... Moderate Unreviewed
CVE-2023-21387 was published Oct 30, 2023
An issue was discovered by Elastic whereby sensitive information is recorded in Kibana logs in... High Unreviewed
CVE-2023-31422 was published Oct 26, 2023
An issue was discovered in Fleet Server >= v8.10.0 and < v8.10.3 where Agent enrolment tokens are... High Unreviewed
CVE-2023-46667 was published Oct 26, 2023
If Elastic Endpoint (v7.9.0 - v8.10.3) is configured to use a non-default option in which the... Critical Unreviewed
CVE-2023-46668 was published Oct 26, 2023
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Low Unreviewed
CVE-2023-42857 was published Oct 25, 2023
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Low Unreviewed
CVE-2023-40405 was published Oct 25, 2023
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Moderate Unreviewed
CVE-2023-41254 was published Oct 25, 2023
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Moderate Unreviewed
CVE-2023-40425 was published Oct 25, 2023
Mattermost Desktop fails to set an appropriate log level during initial run after fresh... Moderate Unreviewed
CVE-2023-5339 was published Oct 17, 2023
IBM App Connect Enterprise 12.0.1.0 through 12.0.8.0 contains an unspecified vulnerability that... Moderate Unreviewed
CVE-2023-40682 was published Oct 13, 2023
An issue was discovered in Plixer Scrutinizer before 19.3.1. It exposes debug logs to... Low Unreviewed
CVE-2023-41263 was published Oct 13, 2023
An insertion of sensitive information into log file vulnerability in Fortinet FortiGuest 1.0.0... Moderate Unreviewed
CVE-2023-25604 was published Oct 10, 2023
Information exposure vulnerability in Shenzhen Reachfar v28, the exploitation of which could... High Unreviewed
CVE-2023-5499 was published Oct 10, 2023
When BIG-IP APM Guided Configurations are configured, undisclosed sensitive information may be... Moderate Unreviewed
CVE-2023-39447 was published Oct 10, 2023
When on BIG-IP DNS or BIG-IP LTM enabled with DNS Services License, and a TSIG key is created,... Moderate Unreviewed
CVE-2023-41253 was published Oct 10, 2023
When TACACS+ audit forwarding is configured on BIG-IP or BIG-IQ system, sharedsecret is logged... Moderate Unreviewed
CVE-2023-43485 was published Oct 10, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database