Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,030
Maven
5,000+
npm
3,732
NuGet
662
pip
3,409
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+

746 advisories

Loading
Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain a sensitive information disclosure... High Unreviewed
CVE-2021-36289 was published Jan 27, 2022
loguru vulnerable to improper privilege management Moderate
CVE-2022-0338 was published for loguru (pip) Jan 26, 2022
In M-Files Server product with versions before 21.11.10775.0, enabling logging of Federated... Low Unreviewed
CVE-2021-41808 was published Jan 19, 2022
In Stormshield SSO Agent 2.x before 2.1.1 and 3.x before 3.0.2, the cleartext user password and... Moderate Unreviewed
CVE-2022-22703 was published Jan 18, 2022
IBM Sterling Gentran:Server for Microsoft Windows 5.3 stores potentially sensitive information in... Moderate Unreviewed
CVE-2021-39032 was published Jan 15, 2022
SAP Business One - version 10.0, extended log stores information that can be of a sensitive... Moderate Unreviewed
CVE-2021-44234 was published Jan 15, 2022
Docker Desktop version 4.3.0 and 4.3.1 has a bug that may log sensitive information (access token... Moderate Unreviewed
CVE-2021-45449 was published Jan 13, 2022
A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions <... High Unreviewed
CVE-2021-45034 was published Jan 12, 2022
Insertion of Sensitive Information into Log File in Apache Geode High
CVE-2021-34797 was published for org.apache.geode:geode-core (Maven) Jan 6, 2022
Insertion of Sensitive Information into Log File in Apache NiFi Stateless High
CVE-2020-9486 was published for org.apache.nifi:nifi-stateless (Maven) Jan 6, 2022
Insertion of Sensitive Information into Log File in Apache NiFi High
CVE-2020-1942 was published for org.apache.nifi:nifi-framework-core (Maven) Jan 6, 2022
Apache NiFi Insertion of Sensitive Information into Log File Moderate
CVE-2020-1928 was published for org.apache.nifi:nifi-parameter (Maven) Jan 6, 2022
Dell EMC Avamar versions 18.2,19.1,19.2,19.3,19.4 contain a plain-text password storage... Moderate Unreviewed
CVE-2021-36318 was published Dec 22, 2021
In OnMetadataChangedListener of AdvancedBluetoothDetailsHeaderController.java, there is a... Low Unreviewed
CVE-2021-0991 was published Dec 16, 2021
In handleUpdateNetworkState of GnssNetworkConnectivityHandler.java , there is a possible APN... Moderate Unreviewed
CVE-2021-0997 was published Dec 16, 2021
Mattermost 6.0.2 and earlier fails to sufficiently sanitize user's password in audit logs when... High Unreviewed
CVE-2021-37861 was published Dec 10, 2021
SYNEL - eharmonynew / Synel Reports - The attacker can log in to the system with default... Moderate Unreviewed
CVE-2021-36718 was published Dec 9, 2021
Wipro Holmes Orchestrator 20.4.1 (20.4.1_02_11_2020) allows remote attackers to read application... High Unreviewed
CVE-2021-38283 was published Nov 30, 2021
Sensitive information could be logged. The following products are affected: Acronis Agent ... High Unreviewed
CVE-2021-34800 was published Nov 30, 2021
Dell PowerScale OneFS version 8.1.2 contains a sensitive information exposure vulnerability. This... Moderate Unreviewed
CVE-2021-21561 was published Nov 24, 2021
Dell EMC SCG 5.00.00.10 and earlier, contain a sensitive information disclosure vulnerability. A... Moderate Unreviewed
CVE-2021-36340 was published Nov 21, 2021
A flaw was divered in Puppet Enterprise and other Puppet products where sensitive plan parameters... Moderate Unreviewed
CVE-2021-27026 was published Nov 19, 2021
Insecure direct object reference of log files of the Import/Export feature Moderate
CVE-2021-37709 was published for shopware/core (Composer) Aug 30, 2021
Information Disclosure in User Authentication Moderate
CVE-2021-32767 was published for typo3/cms (Composer) Jul 26, 2021
tdunlap607
Insertion of Sensitive Information into Log File in ansible High
CVE-2021-20178 was published for ansible (pip) Jun 1, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database