GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,856
Composer 4,262
Erlang 31
GitHub Actions 21
Go 2,030
Maven 5,210
npm 3,732
NuGet 662
pip 3,409
Pub 12
RubyGems 891
Rust 865
Swift 36

Unreviewed advisories

All unreviewed 237,405

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

746 advisories

Filter by severity

Sort by

Least recently updated

Insertion of Sensitive Information into Log File vulnerability in Oceanic Software ValeApp allows... High Unreviewed

CVE-2024-8609 was published Sep 27, 2024

IBM Cloud Pak for Multicloud Management 2.3 through 2.3 FP8 stores user credentials in a log file... Moderate Unreviewed

CVE-2023-46175 was published Sep 26, 2024

Insertion of sensitive information into log file vulnerability in proxy settings component in... Moderate Unreviewed

CVE-2022-49037 was published Sep 26, 2024

An information exposure in Devolutions Remote Desktop Manager 2024.2.20.0 and earlier on Windows... Moderate Unreviewed

CVE-2024-7421 was published Sep 25, 2024

Insertion of Sensitive Information into Log File vulnerability in StylemixThemes Masterstudy LMS... Moderate Unreviewed

CVE-2024-43990 was published Sep 25, 2024

A privacy issue was addressed with improved private data redaction for log entries. This issue is... Moderate Unreviewed

CVE-2024-44166 was published Sep 17, 2024

A privacy issue was addressed with improved private data redaction for log entries. This issue is... Low Unreviewed

CVE-2024-40791 was published Sep 17, 2024

Ansible vulnerable to Insertion of Sensitive Information into Log File High

CVE-2024-8775 was published for ansible-core (pip) Sep 16, 2024

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.5 prior to 17.1.7... Moderate Unreviewed

CVE-2024-4472 was published Sep 12, 2024

Possible Insertion of Sensitive Information into Log File Vulnerability in eDirectory has been... Moderate Unreviewed

CVE-2021-22533 was published Sep 12, 2024

Possible Insertion of Sensitive Information into Log File Vulnerability in Identity Manager has... Moderate Unreviewed

CVE-2022-26322 was published Sep 12, 2024

A vulnerability identified in OpenText™ Identity Manager AzureAD Driver that allows logging of... Moderate Unreviewed

CVE-2021-22518 was published Sep 12, 2024

Sensitive Information Exposure Through Insecure Logging For Secrets Like Metadata.DockerBuildArgs Moderate

GHSA-rjc6-vm4h-85cg was published for aws-sam-cli (pip) Sep 11, 2024

AWS SageMaker Training Toolkit logs CodeArtifact Authorization token Moderate

GHSA-635v-pc42-fr74 was published for sagemaker-training (pip) Sep 11, 2024

A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 SP2).... Moderate Unreviewed

CVE-2024-42344 was published Sep 10, 2024

A vulnerability has been identified in SINUMERIK 828D V4 (All versions < V4.95 SP3), SINUMERIK... Moderate Unreviewed

CVE-2024-43781 was published Sep 10, 2024

A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker... High Unreviewed

CVE-2024-20440 was published Sep 4, 2024

Vault Leaks Client Token and Token Accessor in Audit Devices Moderate

CVE-2024-8365 was published for github.com/hashicorp/vault (Go) Sep 2, 2024

Passwords of agents and customers are displayed in plain text in the OTRS admin log module if... High Unreviewed

CVE-2024-43444 was published Aug 26, 2024

Retool (self-hosted enterprise) through 3.40.0 inserts resource authentication credentials into... Moderate Unreviewed

CVE-2024-42056 was published Aug 22, 2024

When generating QKView of BIG-IP Next instance from the BIG-IP Next Central Manager (CM), F5... Moderate Unreviewed

CVE-2024-41719 was published Aug 14, 2024

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All... High Unreviewed

CVE-2024-41978 was published Aug 13, 2024

An issue was discovered whereby Elastic Agent will leak secrets from the agent policy elastic... Moderate Unreviewed

CVE-2024-37283 was published Aug 12, 2024

The com.cascadialabs.who (aka Who - Caller ID, Spam Block) application 15.0 for Android places... Low Unreviewed

CVE-2024-40096 was published Aug 5, 2024

APM Server vulnerable to Insertion of Sensitive Information into Log File Moderate

CVE-2024-37286 was published for github.com/elastic/apm-server (Go) Aug 3, 2024

Previous 1 2 3 4 5 … 29 30 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

746 advisories