Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,030
Maven
5,000+
npm
3,732
NuGet
662
pip
3,409
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+

746 advisories

Loading
Insertion of Sensitive Information into Log File vulnerability in WP 2FA allows Accessing... Moderate Unreviewed
CVE-2022-44587 was published Jun 21, 2024
SonarQube logs sensitive information Moderate
CVE-2024-38460 was published for org.sonarsource.sonarqube:sonar-web (Maven) Jun 16, 2024
The session cookies, used for authentication, are stored in clear-text logs. An attacker can... Moderate Unreviewed
CVE-2024-27156 was published Jun 14, 2024
The sessions are stored in clear-text logs. An attacker can retrieve authentication sessions. A... Moderate Unreviewed
CVE-2024-27157 was published Jun 14, 2024
Passwords are stored in clear-text logs. An attacker can retrieve passwords. As for the affected... Moderate Unreviewed
CVE-2024-27154 was published Jun 14, 2024
A problem with the Palo Alto Networks GlobalProtect app can result in exposure of encrypted user... Moderate Unreviewed
CVE-2024-5908 was published Jun 12, 2024
CWE-532: Insertion of Sensitive Information into Log File vulnerability exists that could cause... Moderate Unreviewed
CVE-2024-5557 was published Jun 12, 2024
Insertion of Sensitive Information into Log File vulnerability in Octolize USPS Shipping for... Moderate Unreviewed
CVE-2024-32811 was published Jun 9, 2024
Under certain circumstances the Microsoft® Internet Information Server (IIS) used to host the C... High Unreviewed
CVE-2024-0912 was published Jun 6, 2024
Insertion of Sensitive Information into Log File vulnerability in Code Parrots Easy Forms for... High Unreviewed
CVE-2024-25095 was published Jun 4, 2024
apko Exposure of HTTP basic auth credentials in log output High
CVE-2024-36127 was published for chainguard.dev/apko (Go) Jun 4, 2024
kolloch
Insertion of Sensitive Information into Log File vulnerability in Lukman Nakib Debug Log – Manger... Moderate Unreviewed
CVE-2024-34798 was published Jun 3, 2024
Slack integration leaks sensitive information in logs Low
CVE-2024-35196 was published for sentry (pip) Jun 2, 2024
asottile asottile-sentry
Fides Webserver Logs Hosted Database Password Partial Exposure Vulnerability Low
CVE-2024-34715 was published for ethyca-fides (pip) May 29, 2024
tariqajyusuf pattisdr
goreleaser shows environment by default Moderate
GHSA-f6mm-5fc7-3g3c was published for github.com/goreleaser/goreleaser (Go) May 15, 2024
xrstf xmudrii
caarlos0
source-controller leaks Azure Storage SAS token into logs Moderate
CVE-2024-31216 was published for github.com/fluxcd/source-controller (Go) May 15, 2024
azure-file-csi-driver leaks service account tokens in the logs Moderate
CVE-2024-3744 was published for sigs.k8s.io/azurefile-csi-driver (Go) May 15, 2024
Insertion of Sensitive Information into Log File vulnerability in AlexaCRM Dynamics 365... Moderate Unreviewed
CVE-2024-34550 was published May 14, 2024
Insertion of Sensitive Information into Log File vulnerability in Ghost Foundation Ghost.This... High Unreviewed
CVE-2024-34559 was published May 14, 2024
@valtimo/components exposes access token to form.io Critical
CVE-2024-34706 was published for @valtimo/components (npm) May 13, 2024
matrix-sdk-crypto contains a log exposure of private key of the server-side key backup Moderate
CVE-2024-34353 was published for matrix-sdk-crypto (Rust) May 13, 2024
IBM Watson CP4D Data Stores 4.0.0 through 4.8.4 stores potentially sensitive information in log... Moderate Unreviewed
CVE-2023-40694 was published May 7, 2024
spaces_plugin/app.py in SolidUI 0.4.0 has an unnecessary print statement for an OpenAI key. The... High Unreviewed
CVE-2024-34527 was published May 6, 2024
A highly privileged account can overwrite arbitrary files on the system with log output. The log... Moderate Unreviewed
CVE-2024-28072 was published May 3, 2024
Insertion of Sensitive Information into Log File vulnerability in Jordy Meow WP Media Cleaner... Moderate Unreviewed
CVE-2024-33922 was published May 2, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database