GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,678
NuGet
645
pip
3,297
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
724 advisories
Filter by severity
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes...
Moderate
Unreviewed
CVE-2024-45738
was published
Oct 14, 2024
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes...
Moderate
Unreviewed
CVE-2024-45739
was published
Oct 14, 2024
Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p18, <2...
Moderate
Unreviewed
CVE-2024-38862
was published
Oct 14, 2024
Fortra's Robot Schedule Enterprise Agent prior to version 3.05 writes FTP username and password...
Moderate
Unreviewed
CVE-2024-8264
was published
Oct 10, 2024
A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition...
High
Unreviewed
CVE-2024-9466
was published
Oct 9, 2024
Quarkus CXF logs passwords and other secrets
Moderate
CVE-2024-9621
was published
for
io.quarkiverse.cxf:quarkus-cxf
(Maven)
Oct 8, 2024
A vulnerability in a logging function of Cisco Nexus Dashboard Fabric Controller (NDFC) and Cisco...
Moderate
Unreviewed
CVE-2024-20490
was published
Oct 2, 2024
A vulnerability in a logging function of Cisco Nexus Dashboard Insights could allow an attacker...
Moderate
Unreviewed
CVE-2024-20491
was published
Oct 2, 2024
Insertion of Sensitive Information into Log File vulnerability in Oceanic Software ValeApp allows...
High
Unreviewed
CVE-2024-8609
was published
Sep 27, 2024
IBM Cloud Pak for Multicloud Management 2.3 through 2.3 FP8 stores user credentials in a log file...
Moderate
Unreviewed
CVE-2023-46175
was published
Sep 26, 2024
Insertion of sensitive information into log file vulnerability in proxy settings component in...
Moderate
Unreviewed
CVE-2022-49037
was published
Sep 26, 2024
An information exposure in Devolutions Remote Desktop Manager 2024.2.20.0 and earlier on Windows...
Moderate
Unreviewed
CVE-2024-7421
was published
Sep 25, 2024
Insertion of Sensitive Information into Log File vulnerability in StylemixThemes Masterstudy LMS...
Moderate
Unreviewed
CVE-2024-43990
was published
Sep 25, 2024
A privacy issue was addressed with improved private data redaction for log entries. This issue is...
Moderate
Unreviewed
CVE-2024-44166
was published
Sep 17, 2024
A privacy issue was addressed with improved private data redaction for log entries. This issue is...
Low
Unreviewed
CVE-2024-40791
was published
Sep 17, 2024
Ansible vulnerable to Insertion of Sensitive Information into Log File
Moderate
CVE-2024-8775
was published
for
ansible-core
(pip)
Sep 16, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.5 prior to 17.1.7...
Moderate
Unreviewed
CVE-2024-4472
was published
Sep 12, 2024
Possible Insertion of Sensitive Information into Log File Vulnerability
in eDirectory has been...
Moderate
Unreviewed
CVE-2021-22533
was published
Sep 12, 2024
A vulnerability identified in OpenText™
Identity Manager AzureAD Driver that allows logging of...
Moderate
Unreviewed
CVE-2021-22518
was published
Sep 12, 2024
Possible Insertion of Sensitive Information into Log File Vulnerability
in Identity Manager has...
Moderate
Unreviewed
CVE-2022-26322
was published
Sep 12, 2024
Sensitive Information Exposure Through Insecure Logging For Secrets Like Metadata.DockerBuildArgs
Moderate
GHSA-rjc6-vm4h-85cg
was published
for
aws-sam-cli
(pip)
Sep 11, 2024
AWS SageMaker Training Toolkit logs CodeArtifact Authorization token
Moderate
GHSA-635v-pc42-fr74
was published
for
sagemaker-training
(pip)
Sep 11, 2024
A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 SP2)....
Moderate
Unreviewed
CVE-2024-42344
was published
Sep 10, 2024
A vulnerability has been identified in SINUMERIK 828D V4 (All versions < V4.95 SP3), SINUMERIK...
Moderate
Unreviewed
CVE-2024-43781
was published
Sep 10, 2024
A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker...
High
Unreviewed
CVE-2024-20440
was published
Sep 4, 2024
ProTip!
Advisories are also available from the
GraphQL API