GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,342
Composer 4,134
Erlang 29
GitHub Actions 19
Go 1,941
Maven 5,135
npm 3,678
NuGet 645
pip 3,297
Pub 11
RubyGems 877
Rust 830
Swift 35

Unreviewed advisories

All unreviewed 231,359

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

724 advisories

Filter by severity

Sort by

Least recently updated

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes... Moderate Unreviewed

CVE-2024-45738 was published Oct 14, 2024

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes... Moderate Unreviewed

CVE-2024-45739 was published Oct 14, 2024

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p18, <2... Moderate Unreviewed

CVE-2024-38862 was published Oct 14, 2024

Fortra's Robot Schedule Enterprise Agent prior to version 3.05 writes FTP username and password... Moderate Unreviewed

CVE-2024-8264 was published Oct 10, 2024

A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition... High Unreviewed

CVE-2024-9466 was published Oct 9, 2024

Quarkus CXF logs passwords and other secrets Moderate

CVE-2024-9621 was published for io.quarkiverse.cxf:quarkus-cxf (Maven) Oct 8, 2024

A vulnerability in a logging function of Cisco Nexus Dashboard Fabric Controller (NDFC) and Cisco... Moderate Unreviewed

CVE-2024-20490 was published Oct 2, 2024

A vulnerability in a logging function of Cisco Nexus Dashboard Insights could allow an attacker... Moderate Unreviewed

CVE-2024-20491 was published Oct 2, 2024

Insertion of Sensitive Information into Log File vulnerability in Oceanic Software ValeApp allows... High Unreviewed

CVE-2024-8609 was published Sep 27, 2024

IBM Cloud Pak for Multicloud Management 2.3 through 2.3 FP8 stores user credentials in a log file... Moderate Unreviewed

CVE-2023-46175 was published Sep 26, 2024

Insertion of sensitive information into log file vulnerability in proxy settings component in... Moderate Unreviewed

CVE-2022-49037 was published Sep 26, 2024

An information exposure in Devolutions Remote Desktop Manager 2024.2.20.0 and earlier on Windows... Moderate Unreviewed

CVE-2024-7421 was published Sep 25, 2024

Insertion of Sensitive Information into Log File vulnerability in StylemixThemes Masterstudy LMS... Moderate Unreviewed

CVE-2024-43990 was published Sep 25, 2024

A privacy issue was addressed with improved private data redaction for log entries. This issue is... Moderate Unreviewed

CVE-2024-44166 was published Sep 17, 2024

A privacy issue was addressed with improved private data redaction for log entries. This issue is... Low Unreviewed

CVE-2024-40791 was published Sep 17, 2024

Ansible vulnerable to Insertion of Sensitive Information into Log File Moderate

CVE-2024-8775 was published for ansible-core (pip) Sep 16, 2024

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.5 prior to 17.1.7... Moderate Unreviewed

CVE-2024-4472 was published Sep 12, 2024

Possible Insertion of Sensitive Information into Log File Vulnerability in eDirectory has been... Moderate Unreviewed

CVE-2021-22533 was published Sep 12, 2024

A vulnerability identified in OpenText™ Identity Manager AzureAD Driver that allows logging of... Moderate Unreviewed

CVE-2021-22518 was published Sep 12, 2024

Possible Insertion of Sensitive Information into Log File Vulnerability in Identity Manager has... Moderate Unreviewed

CVE-2022-26322 was published Sep 12, 2024

Sensitive Information Exposure Through Insecure Logging For Secrets Like Metadata.DockerBuildArgs Moderate

GHSA-rjc6-vm4h-85cg was published for aws-sam-cli (pip) Sep 11, 2024

AWS SageMaker Training Toolkit logs CodeArtifact Authorization token Moderate

GHSA-635v-pc42-fr74 was published for sagemaker-training (pip) Sep 11, 2024

A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 SP2).... Moderate Unreviewed

CVE-2024-42344 was published Sep 10, 2024

A vulnerability has been identified in SINUMERIK 828D V4 (All versions < V4.95 SP3), SINUMERIK... Moderate Unreviewed

CVE-2024-43781 was published Sep 10, 2024

A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker... High Unreviewed

CVE-2024-20440 was published Sep 4, 2024

Previous 1 2 3 4 5 … 28 29 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

724 advisories