GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,740
Composer 4,239
Erlang 31
GitHub Actions 21
Go 2,007
Maven 5,196
npm 3,716
NuGet 662
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,932

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

742 advisories

Filter by severity

Sort by

Least recently updated

Insertion of Sensitive Information into Log File vulnerability in StylemixThemes Masterstudy LMS... Moderate Unreviewed

CVE-2024-43990 was published Sep 25, 2024

A privacy issue was addressed with improved private data redaction for log entries. This issue is... Moderate Unreviewed

CVE-2024-44166 was published Sep 17, 2024

A privacy issue was addressed with improved private data redaction for log entries. This issue is... Low Unreviewed

CVE-2024-40791 was published Sep 17, 2024

Ansible vulnerable to Insertion of Sensitive Information into Log File High

CVE-2024-8775 was published for ansible-core (pip) Sep 16, 2024

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.5 prior to 17.1.7... Moderate Unreviewed

CVE-2024-4472 was published Sep 12, 2024

A vulnerability identified in OpenText™ Identity Manager AzureAD Driver that allows logging of... Moderate Unreviewed

CVE-2021-22518 was published Sep 12, 2024

Possible Insertion of Sensitive Information into Log File Vulnerability in Identity Manager has... Moderate Unreviewed

CVE-2022-26322 was published Sep 12, 2024

Possible Insertion of Sensitive Information into Log File Vulnerability in eDirectory has been... Moderate Unreviewed

CVE-2021-22533 was published Sep 12, 2024

Sensitive Information Exposure Through Insecure Logging For Secrets Like Metadata.DockerBuildArgs Moderate

GHSA-rjc6-vm4h-85cg was published for aws-sam-cli (pip) Sep 11, 2024

AWS SageMaker Training Toolkit logs CodeArtifact Authorization token Moderate

GHSA-635v-pc42-fr74 was published for sagemaker-training (pip) Sep 11, 2024

A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 SP2).... Moderate Unreviewed

CVE-2024-42344 was published Sep 10, 2024

A vulnerability has been identified in SINUMERIK 828D V4 (All versions < V4.95 SP3), SINUMERIK... Moderate Unreviewed

CVE-2024-43781 was published Sep 10, 2024

A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker... High Unreviewed

CVE-2024-20440 was published Sep 4, 2024

Vault Leaks Client Token and Token Accessor in Audit Devices Moderate

CVE-2024-8365 was published for github.com/hashicorp/vault (Go) Sep 2, 2024

Passwords of agents and customers are displayed in plain text in the OTRS admin log module if... High Unreviewed

CVE-2024-43444 was published Aug 26, 2024

Retool (self-hosted enterprise) through 3.40.0 inserts resource authentication credentials into... Moderate Unreviewed

CVE-2024-42056 was published Aug 22, 2024

When generating QKView of BIG-IP Next instance from the BIG-IP Next Central Manager (CM), F5... Moderate Unreviewed

CVE-2024-41719 was published Aug 14, 2024

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All... High Unreviewed

CVE-2024-41978 was published Aug 13, 2024

An issue was discovered whereby Elastic Agent will leak secrets from the agent policy elastic... Moderate Unreviewed

CVE-2024-37283 was published Aug 12, 2024

The com.cascadialabs.who (aka Who - Caller ID, Spam Block) application 15.0 for Android places... Low Unreviewed

CVE-2024-40096 was published Aug 5, 2024

APM Server vulnerable to Insertion of Sensitive Information into Log File Moderate

CVE-2024-37286 was published for github.com/elastic/apm-server (Go) Aug 3, 2024

IBM Business Automation Workflow 22.0.2, 23.0.1, 23.0.2, and 24.0.0 stores potentially sensitive... Moderate Unreviewed

CVE-2024-38321 was published Aug 3, 2024

The CTT Expresso para WooCommerce plugin for WordPress is vulnerable to sensitive information... Moderate Unreviewed

CVE-2024-6687 was published Aug 1, 2024

A vulnerability in Cato Networks SDP Client on Windows allows the insertion of sensitive... Moderate Unreviewed

CVE-2024-6977 was published Jul 31, 2024

Elasticsearch Insertion of Sensitive Information into Log File Moderate

CVE-2023-49921 was published for org.elasticsearch:elasticsearch (Maven) Jul 26, 2024

Previous 1 2 3 4 5 … 29 30 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

742 advisories