Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,356
Erlang
33
GitHub Actions
22
Go
2,121
Maven
5,000+
npm
3,783
NuGet
683
pip
3,465
Pub
12
RubyGems
893
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+

179 advisories

Loading
BIG-IP APM Edge Client before version 7.1.8 (7180.2019.508.705) logs the full apm session ID in... High Unreviewed
CVE-2019-6656 was published May 24, 2022
Cloud Foundry BOSH 267.x versions prior to v267.14.0, and BOSH 270.x versions prior to v270.1.1,... High Unreviewed
CVE-2019-11271 was published May 24, 2022
Northern.tech CFEngine Enterprise 3.12.1 has Insecure Permissions. High Unreviewed
CVE-2019-9929 was published May 24, 2022
Sony Bravia Smart TV devices allow remote attackers to retrieve the static Wi-Fi password (used... High Unreviewed
CVE-2019-11336 was published May 24, 2022
ProjectSend before r1070 writes user passwords to the server logs. High Unreviewed
CVE-2019-11492 was published May 24, 2022
aquaverde Aquarius CMS through 4.3.5 writes POST and GET parameters (including passwords) to a... High Unreviewed
CVE-2019-9734 was published May 24, 2022
aquaverde Aquarius CMS through 4.3.5 allows Information Exposure through Log Files because of an... High Unreviewed
CVE-2019-9724 was published May 24, 2022
In various firmware versions of Lenovo System x, the integrated management module II (IMM2)'s... High Unreviewed
CVE-2019-6157 was published May 24, 2022
An issue was identified by Elastic whereby sensitive information is recorded in Logstash logs... High Unreviewed
CVE-2023-46672 was published Nov 15, 2023
** DISPUTED ** An issue was discovered in SecurEnvoy SecurAccess 9.3.502. When put in Debug mode... High Unreviewed
CVE-2018-18466 was published May 13, 2022
Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x contains an insertion of sensitive... High Unreviewed
CVE-2024-25959 was published Mar 28, 2024
In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the software potentially exposes... High Unreviewed
CVE-2024-29945 was published Mar 27, 2024
Insertion of Sensitive Information into Log File vulnerability in GSheetConnector CF7 Google... High Unreviewed
CVE-2023-44989 was published Mar 26, 2024
Insecure Variable Substitution in Vela High
CVE-2024-28236 was published for github.com/go-vela/worker (Go) Mar 14, 2024
gdiepen
The N-able PassPortal extension before 3.29.2 for Chrome inserts sensitive information into a log... High Unreviewed
CVE-2023-47131 was published Feb 9, 2024
An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 allows... High Unreviewed
CVE-2023-43261 was published Oct 4, 2023
In Splunk Add-on Builder versions below 4.1.4, the app writes sensitive information to internal... High Unreviewed
CVE-2023-46230 was published Jan 30, 2024
Vault GitHub Action did not correctly mask multi-line secrets in output High
CVE-2021-32074 was published for hashicorp/vault-action (GitHub Actions) May 24, 2022
tdunlap607 Gentoli
The PayHere Payment Gateway WordPress plugin before 2.2.12 automatically creates publicly... High Unreviewed
CVE-2023-6064 was published Jan 1, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Naa986 WP Stripe... High Unreviewed
CVE-2023-52143 was published Jan 5, 2024
An insertion of sensitive information into log file vulnerability was identified in the log files... High Unreviewed
CVE-2023-6746 was published Dec 21, 2023
An insertion of sensitive information into the log file in the audit log in GitHub Enterprise... High Unreviewed
CVE-2023-6802 was published Dec 21, 2023
Information exposure vulnerability in Shenzhen Reachfar v28, the exploitation of which could... High Unreviewed
CVE-2023-5499 was published Oct 10, 2023
An issue was discovered by Elastic whereby sensitive information may be recorded in Kibana logs... High Unreviewed
CVE-2023-46675 was published Dec 13, 2023
An issue was discovered by Elastic whereby sensitive information may be recorded in Kibana logs... High Unreviewed
CVE-2023-46671 was published Dec 13, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database