Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,342
Erlang
31
GitHub Actions
22
Go
2,106
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+

457 advisories

Loading
The user password via the registration form of TronLink Wallet 2.2.0 is stored in the log when... Moderate Unreviewed
CVE-2019-13098 was published May 24, 2022
Pivotal Container Services (PKS) versions 1.3.x prior to 1.3.7, and versions 1.4.x prior to 1.4.1... Moderate Unreviewed
CVE-2019-11273 was published May 24, 2022
In Octopus Deploy versions 3.0.19 to 2019.7.2, when a web request proxy is configured, an... Moderate Unreviewed
CVE-2019-14268 was published May 24, 2022
Insertion of Sensitive Information into Log File in Jenkins Configuration as Code Plugin Moderate
CVE-2019-10343 was published for io.jenkins:configuration-as-code (Maven) May 24, 2022
Plaintext Storage of a Password in Jenkins Configuration as Code Plugin Moderate
CVE-2019-10345 was published for io.jenkins:configuration-as-code (Maven) May 24, 2022
Maven Integration Plugin did not mask sensitive values in module build logs Moderate
CVE-2019-10358 was published for org.jenkins-ci.main:maven-plugin (Maven) May 24, 2022
Jenkins Amazon EC2 Plugin leaked beginning of private key in system log Moderate
CVE-2019-10364 was published for org.jenkins-ci.plugins:ec2 (Maven) May 24, 2022
In cPanel before 57.9999.54, user log files become world-readable when rotated by cpanellogd (SEC... Moderate Unreviewed
CVE-2016-10819 was published May 24, 2022
cPanel before 66.0.2 allows resellers to read other accounts' domain log files (SEC-288). Moderate Unreviewed
CVE-2017-18426 was published May 24, 2022
IBM Cloud Private 2.1.0 , 3.1.0, 3.1.1, and 3.1.2 could allow a local privileged user to obtain... Moderate Unreviewed
CVE-2019-4284 was published May 24, 2022
Insertion of Sensitive Information into Log File in Jenkins Configuration as Code Plugin Moderate
CVE-2019-10367 was published for io.jenkins:configuration-as-code (Maven) May 24, 2022
Insertion of Sensitive Information into Log File in Jenkins Mask Passwords Plugin Moderate
CVE-2019-10370 was published for org.jenkins-ci.plugins:mask-passwords (Maven) May 24, 2022
Swann SWWHD-INTCAM-HD devices leave the PSK in logs after a factory reset. Moderate Unreviewed
CVE-2018-20956 was published May 24, 2022
A vulnerability in the web portal of Cisco Enterprise NFV Infrastructure Software (NFVIS) could... Moderate Unreviewed
CVE-2019-1953 was published May 24, 2022
OSIsoft PI Web API 2018 and prior may allow disclosure of sensitive information. Moderate Unreviewed
CVE-2019-13515 was published May 24, 2022
An inclusion of sensitive information in log files vulnerability is present in Hickory Smart for... Moderate Unreviewed
CVE-2019-5634 was published May 24, 2022
In Octopus Deploy versions 2018.8.4 to 2019.7.6, when a web request proxy is configured, an... Moderate Unreviewed
CVE-2019-15507 was published May 24, 2022
In Octopus Tentacle versions 3.0.8 to 5.0.0, when a web request proxy is configured, an... Moderate Unreviewed
CVE-2019-15508 was published May 24, 2022
Kubernetes client-go library logs may disclose credentials to unauthorized users Moderate
CVE-2019-11250 was published for k8s.io/client-go (Go) May 24, 2022
On version 1.9.0, If DEBUG logging is enable, F5 Container Ingress Service (CIS) for Kubernetes... Moderate Unreviewed
CVE-2019-6648 was published May 24, 2022
EnterpriseDT CompleteFTP Server prior to version 12.1.3 is vulnerable to information exposure in... Moderate Unreviewed
CVE-2019-16116 was published May 24, 2022
Under certain conditions, SAP Landscape Management enterprise edition, before version 3.0, allows... Moderate Unreviewed
CVE-2019-0380 was published May 24, 2022
Ansible leaks sensitive information to logs when told not to Moderate
CVE-2019-14858 was published for ansible (pip) May 24, 2022
IBM FileNet Content Manager 5.5.2 and 5.5.3 in specific configurations, could log the web service... Moderate Unreviewed
CVE-2019-4572 was published May 24, 2022
Brocade SANnav versions before v2.0, logs plain text database connection password while... Moderate Unreviewed
CVE-2019-16210 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database