GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,740
Composer 4,239
Erlang 31
GitHub Actions 21
Go 2,007
Maven 5,196
npm 3,716
NuGet 662
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,952

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

433 advisories

Filter by severity

Sort by

Least recently updated

Improper masking of credentials in Jenkins Pipeline Maven Integration Plugin Moderate

CVE-2023-41934 was published for org.jenkins-ci.plugins:pipeline-maven (Maven) Sep 6, 2023

Insertion of sensitive information into log vulnerability in Locksettings prior to SMR Sep-2023... Moderate Unreviewed

CVE-2023-30721 was published Sep 6, 2023

Sensitive information leak through log files. The following products are affected: Acronis Agent ... Moderate Unreviewed

CVE-2023-4688 was published Aug 31, 2023

MongoDB Driver may publish events containing authentication-related data Moderate

CVE-2021-32050 was published for github.com/mongodb/mongo-swift-driver (Composer) Aug 29, 2023

Improper log output when using GitHub Status Notifications in spinnaker Moderate

CVE-2023-39348 was published for github.com/spinnaker/spinnaker (Go) Aug 29, 2023

IBM Robotic Process Automation 21.0.0 through 21.0.7.1 and 23.0.0 through 23.0.1 server could... Moderate Unreviewed

CVE-2023-38733 was published Aug 23, 2023

IBM Robotic Process Automation 21.0.0 through 21.0.7 server could allow an authenticated user to... Moderate Unreviewed

CVE-2023-38732 was published Aug 22, 2023

Dell PowerScale OneFS 9.5.0.x, contains an insertion of sensitive information into log file... Moderate Unreviewed

CVE-2023-32491 was published Aug 16, 2023

Jenkins Folders Plugin information disclosure vulnerability Moderate

CVE-2023-40338 was published for org.jenkins-ci.plugins:cloudbees-folder (Maven) Aug 16, 2023

Plaintext Password vulnerability in AddAdmin.py in cms-dev/cms v1.4.rc1, allows attackers to gain... Moderate Unreviewed

CVE-2020-24804 was published Aug 11, 2023

Mattermost fails to sanitize post metadata Moderate

CVE-2023-4108 was published for github.com/mattermost/mattermost-server/v6 (Go) Aug 11, 2023

Audit logs on F5OS-A may contain undisclosed sensitive information. Note: Software versions... Moderate Unreviewed

CVE-2023-36494 was published Aug 2, 2023

The Brocade Fabric OS Commands “configupload” and “configdownload” before Brocade Fabric OS v9... Moderate Unreviewed

CVE-2023-31426 was published Aug 2, 2023

Dell ECS Streamer, versions prior to 2.0.7.1, contain an insertion of sensitive information in... Moderate Unreviewed

CVE-2023-32468 was published Jul 26, 2023

The VMware Tanzu Application Service for VMs and Isolation Segment contain an information... Moderate Unreviewed

CVE-2023-20891 was published Jul 26, 2023

Dell PowerStore versions prior to 3.5.0.1 contain an insertion of sensitive information into log... Moderate Unreviewed

CVE-2023-32478 was published Jul 21, 2023

Dell Wyse ThinOS versions prior to 2303 (9.4.1141) contain a sensitive information disclosure... Moderate Unreviewed

CVE-2023-32446 was published Jul 20, 2023

Dell Wyse ThinOS versions prior to 2306 (9.4.2103) contain a sensitive information disclosure... Moderate Unreviewed

CVE-2023-32447 was published Jul 20, 2023

Dell Wyse ThinOS versions prior to 2208 (9.3.2102) contain a sensitive information disclosure... Moderate Unreviewed

CVE-2023-32455 was published Jul 20, 2023

An issue in Archer Platform before v.6.13 fixed in v.6.12.0.6 and v.6.13.0 allows an... Moderate Unreviewed

CVE-2023-37224 was published Jul 14, 2023

In JetBrains TeamCity before 2023.05.1 build parameters of the "password" type could be written... Moderate Unreviewed

CVE-2023-38067 was published Jul 12, 2023

In JetBrains TeamCity before 2023.05.1 build chain parameters of the "password" type could be... Moderate Unreviewed

CVE-2023-38064 was published Jul 12, 2023

A vulnerability in the logging component of Cisco Duo Authentication Proxy could allow an... Moderate Unreviewed

CVE-2023-20207 was published Jul 12, 2023

IBM App Connect Enterprise 11.0.0.17 through 11.0.0.19 and 12.0.4.0 and 12.0.5.0 contains an... Moderate Unreviewed

CVE-2022-42439 was published Jul 6, 2023

A privacy issue was addressed with improved private data redaction for log entries. This issue is... Moderate Unreviewed

CVE-2023-32392 was published Jun 23, 2023

Previous 1 2 … 5 6 7 8 9 … 17 18 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

433 advisories