Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

433 advisories

Loading
Insertion of Sensitive Information into Log File vulnerability in Hitachi Cosminexus Component... Moderate Unreviewed
CVE-2023-6814 was published Mar 12, 2024
IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an... Moderate Unreviewed
CVE-2023-46171 was published Mar 7, 2024
Apache Linkis DataSource: DataSource module Oracle SQL Database Password Logged Moderate
CVE-2023-50740 was published for org.apache.linkis:linkis (Maven) Mar 6, 2024
oscerd
IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10... Moderate Unreviewed
CVE-2023-50951 was published Feb 17, 2024
IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10... Moderate Unreviewed
CVE-2024-22337 was published Feb 17, 2024
IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10... Moderate Unreviewed
CVE-2024-22335 was published Feb 17, 2024
IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10... Moderate Unreviewed
CVE-2024-22336 was published Feb 17, 2024
Dell EMC AppSync, versions from 4.2.0.0 to 4.6.0.0 including all Service Pack releases, contain... Moderate Unreviewed
CVE-2024-22464 was published Feb 8, 2024
An insertion of Sensitive Information into Log File vulnerability is affecting DELMIA Apriso... Moderate Unreviewed
CVE-2024-0935 was published Feb 1, 2024
glance-store logs s3 access keys Moderate
CVE-2024-1141 was published for glance-store (pip) Feb 1, 2024
m3t3kh4n
Hashicorp Vault may expose sensitive log information Moderate
CVE-2024-0831 was published for github.com/hashicorp/vault (Go) Feb 1, 2024
`goreleaser release --debug` shows secrets Moderate
CVE-2024-23840 was published for github.com/goreleaser/goreleaser (Go) Jan 30, 2024
andreaangiolillo caarlos0
In Splunk Add-on Builder versions below 4.1.4, the application writes user session tokens to its... Moderate Unreviewed
CVE-2023-46231 was published Jan 30, 2024
Insertion of debug information into log file during building the elastic search index allows... Moderate Unreviewed
CVE-2024-23791 was published Jan 29, 2024
In Splunk Enterprise versions below 9.0.8, the Splunk RapidDiag utility discloses server... Moderate Unreviewed
CVE-2024-23677 was published Jan 22, 2024
Insertion of Sensitive Information into Log File in OWASP DependencyCheck Moderate
CVE-2024-23686 was published for org.owasp:dependency-check-ant (Maven) Jan 20, 2024
r3kumar
react-native-mmkv Insertion of Sensitive Information into Log File vulnerability Moderate
CVE-2024-21668 was published for react-native-mmkv (npm) Jan 9, 2024
maxammann
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in StudioWombat WP Optin... Moderate Unreviewed
CVE-2023-51408 was published Jan 8, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Jordy Meow Database... Moderate Unreviewed
CVE-2023-51508 was published Jan 8, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WPMU DEV Defender... Moderate Unreviewed
CVE-2023-51490 was published Jan 8, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Aaron J 404 Solution... Moderate Unreviewed
CVE-2023-52146 was published Jan 5, 2024
CubeFS leaks users key in logs Moderate
CVE-2023-46742 was published for github.com/cubefs/cubefs (Go) Jan 3, 2024
AdamKorcz
In affected versions of Octopus Server it is possible for the OpenID client secret to be logged... Moderate Unreviewed
CVE-2023-1904 was published Dec 14, 2023
An issue was discovered by Elastic whereby Elastic Agent would log a raw event in its own logs at... Moderate Unreviewed
CVE-2023-6687 was published Dec 12, 2023
Elastic Beats inserts sensitive information into log file Moderate
CVE-2023-49922 was published for github.com/elastic/beats (Go) Dec 12, 2023
levinebw
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database