Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,030
Maven
5,000+
npm
3,732
NuGet
662
pip
3,409
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+

746 advisories

Loading
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Naa986 WP Stripe... High Unreviewed
CVE-2023-52143 was published Jan 5, 2024
CubeFS leaks users key in logs Moderate
CVE-2023-46742 was published for github.com/cubefs/cubefs (Go) Jan 3, 2024
AdamKorcz
The PayHere Payment Gateway WordPress plugin before 2.2.12 automatically creates publicly... High Unreviewed
CVE-2023-6064 was published Jan 1, 2024
An insertion of sensitive information into the log file in the audit log in GitHub Enterprise... High Unreviewed
CVE-2023-6802 was published Dec 21, 2023
An insertion of sensitive information into log file vulnerability was identified in the log files... High Unreviewed
CVE-2023-6746 was published Dec 21, 2023
nvdApiKey is logged in debug mode Low
GHSA-qqhq-8r2c-c3f5 was published for org.owasp:dependency-check-ant (Maven) Dec 15, 2023
hott-box
In affected versions of Octopus Server it is possible for the OpenID client secret to be logged... Moderate Unreviewed
CVE-2023-1904 was published Dec 14, 2023
An issue was discovered by Elastic whereby sensitive information may be recorded in Kibana logs... High Unreviewed
CVE-2023-46671 was published Dec 13, 2023
An issue was discovered by Elastic whereby sensitive information may be recorded in Kibana logs... High Unreviewed
CVE-2023-46675 was published Dec 13, 2023
An issue was discovered by Elastic whereby Elastic Agent would log a raw event in its own logs at... Moderate Unreviewed
CVE-2023-6687 was published Dec 12, 2023
Elastic Beats inserts sensitive information into log file Moderate
CVE-2023-49922 was published for github.com/elastic/beats (Go) Dec 12, 2023
levinebw
An issue was discovered by Elastic whereby the Documents API of App Search logged the raw... Moderate Unreviewed
CVE-2023-49923 was published Dec 12, 2023
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Moderate Unreviewed
CVE-2023-42927 was published Dec 12, 2023
Insertion of sensitive information in the centralized (Grafana) logging system in ProLion... Critical Unreviewed
CVE-2023-36649 was published Dec 12, 2023
Logging of the firestore key within nodejs-firestore Moderate
CVE-2023-6460 was published for @google-cloud/firestore (npm) Dec 4, 2023
abhishekwebcode
Sensitive data exposure in Webconf in Tribe29 Checkmk Appliance before 1.6.8 allows local... Low Unreviewed
CVE-2023-6287 was published Nov 27, 2023
Cron log backup files contain administrator session IDs. It is trivial for any attacker who can... High Unreviewed
CVE-2023-4677 was published Nov 23, 2023
Insertion of Sensitive Information into Log Moderate
CVE-2023-48708 was published for codeigniter4/shield (Composer) Nov 23, 2023
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.1... Moderate Unreviewed
CVE-2023-25682 was published Nov 22, 2023
Exposure of Sensitive Information in Elastic APM .NET Agent Low
CVE-2021-22143 was published for Elastic.Apm (NuGet) Nov 22, 2023
MarkLee131
An issue was identified by Elastic whereby sensitive information is recorded in Logstash logs... High Unreviewed
CVE-2023-46672 was published Nov 15, 2023
Insertion of sensitive information into log file in some Intel(R) On Demand software before... Moderate Unreviewed
CVE-2023-32283 was published Nov 14, 2023
Insertion of sensitive information into log file for some Intel Unison software may allow an... Low Unreviewed
CVE-2022-46647 was published Nov 14, 2023
The affected versions of MongoDB Atlas Kubernetes Operator may print sensitive information like... High Unreviewed
CVE-2023-0436 was published Nov 14, 2023
An insertion of sensitive information into log file vulnerability [CWE-532] in FortiSIEM version... Low Unreviewed
CVE-2023-45585 was published Nov 14, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database