Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,342
Erlang
31
GitHub Actions
22
Go
2,106
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+

773 advisories

Loading
An issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 16.0.8... High Unreviewed
CVE-2023-3993 was published Aug 2, 2023
An information exposure in Devolutions Remote Desktop Manager 2024.2.20.0 and earlier on Windows... Moderate Unreviewed
CVE-2024-7421 was published Sep 25, 2024
loguru vulnerable to improper privilege management Moderate
CVE-2022-0338 was published for loguru (pip) Jan 26, 2022
System->Maintenance-> Log Files in dotCMS dashboard is providing the username/password for... Moderate Unreviewed
CVE-2024-3165 was published Apr 2, 2024
Improper masking of credentials in Jenkins Pipeline Maven Integration Plugin Moderate
CVE-2023-41934 was published for org.jenkins-ci.plugins:pipeline-maven (Maven) Sep 6, 2023
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Moderate Unreviewed
CVE-2024-44166 was published Sep 17, 2024
IBM Cloud Pak for Multicloud Management 2.3 through 2.3 FP8 stores user credentials in a log file... Moderate Unreviewed
CVE-2023-46175 was published Sep 26, 2024
Insertion of sensitive information into log file vulnerability in proxy settings component in... Moderate Unreviewed
CVE-2022-49037 was published Sep 26, 2024
Insertion of Sensitive Information into Log File vulnerability in StylemixThemes Masterstudy LMS... Moderate Unreviewed
CVE-2024-43990 was published Sep 25, 2024
Screenshot vulnerability in the input module. Successful exploitation of this vulnerability may... High Unreviewed
CVE-2023-41308 was published Sep 27, 2023
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Low Unreviewed
CVE-2024-40791 was published Sep 17, 2024
A Cryptographic Issue vulnerability has been found on IBERMATICA RPS, affecting version 2019. By... High Unreviewed
CVE-2023-3350 was published Oct 3, 2023
GitHub personal access token leaking into temporary EasyBuild (debug) logs Critical
CVE-2020-5262 was published for easybuild-framework (pip) Mar 19, 2020
zao boegel
In affected versions of Octopus Server it is possible for the OpenID client secret to be logged... Moderate Unreviewed
CVE-2023-1904 was published Dec 14, 2023
Ceilometer Prints Sensitive Configuration Data to Log Moderate
CVE-2019-3830 was published for ceilometer (pip) May 13, 2022
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.5 prior to 17.1.7... Moderate Unreviewed
CVE-2024-4472 was published Sep 12, 2024
Argo CD leaks repository credentials in user-facing error messages and in logs Moderate
CVE-2023-25163 was published for github.com/argoproj/argo-cd/v2 (Go) Feb 8, 2023
andrewpollock
Possible Insertion of Sensitive Information into Log File Vulnerability in Identity Manager has... Moderate Unreviewed
CVE-2022-26322 was published Sep 12, 2024
A vulnerability identified in OpenText™ Identity Manager AzureAD Driver that allows logging of... Moderate Unreviewed
CVE-2021-22518 was published Sep 12, 2024
Possible Insertion of Sensitive Information into Log File Vulnerability in eDirectory has been... Moderate Unreviewed
CVE-2021-22533 was published Sep 12, 2024
Sensitive Information Exposure Through Insecure Logging For Secrets Like Metadata.DockerBuildArgs Moderate
GHSA-rjc6-vm4h-85cg was published for aws-sam-cli (pip) Sep 11, 2024
AWS SageMaker Training Toolkit logs CodeArtifact Authorization token Moderate
GHSA-635v-pc42-fr74 was published for sagemaker-training (pip) Sep 11, 2024
Ansible leaks sensitive information to logs when told not to Moderate
CVE-2019-14858 was published for ansible (pip) May 24, 2022
Insertion of Sensitive Information into Log File in ansible Moderate
CVE-2021-20191 was published for ansible (pip) Jun 1, 2021
A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 SP2).... Moderate Unreviewed
CVE-2024-42344 was published Sep 10, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database