Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+

440 advisories

Loading
MoinMoin Insertion of Sensitive Information into Log File Moderate
CVE-2007-0902 was published for moin (pip) May 1, 2022
The log files in Apache web server contain information directly supplied by clients and does not... Moderate Unreviewed
CVE-2001-1556 was published Apr 30, 2022
cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains... Moderate Unreviewed
CVE-2022-29869 was published Apr 29, 2022
Foundry Issues service versions 2.244.0 to 2.249.0 was found to be logging in a manner that... Moderate Unreviewed
CVE-2022-27888 was published Apr 28, 2022
Insertion of Sensitive Information into Log File in Hashicorp go-getter Moderate
CVE-2022-29810 was published for github.com/hashicorp/go-getter (Go) Apr 28, 2022
jhutchings1
IBM QRadar SIEM 7.3, 7.4, and 7.5 stores potentially sensitive information in log files that... Moderate Unreviewed
CVE-2021-38939 was published Apr 28, 2022
Azure SDK for .NET Information Disclosure Vulnerability. Moderate
CVE-2022-26907 was published for Microsoft.Rest.ClientRuntime (NuGet) Apr 16, 2022
In CMDBuild from version 3.0 to 3.3.2 payload requests are saved in a temporary log table, which... Moderate Unreviewed
CVE-2022-25518 was published Mar 24, 2022
Insertion of Sensitive Information into Log File in ansible Moderate
CVE-2021-20180 was published for ansible (pip) Mar 17, 2022
KamilaBorowska
A vulnerability has been identified in Climatix POL909 (AWB module) (All versions < V11.44),... Moderate Unreviewed
CVE-2021-41543 was published Mar 9, 2022
The CorreosExpress WordPress plugin through 2.6.0 generates log files which are publicly... Moderate Unreviewed
CVE-2021-25009 was published Mar 8, 2022
Wildfly logs plaintext passwords Moderate
CVE-2020-25640 was published for org.wildfly:wildfly-parent (Maven) Feb 15, 2022
VMware Cloud Foundation contains an information disclosure vulnerability due to logging of... Moderate Unreviewed
CVE-2022-22939 was published Feb 11, 2022
An information exposure through log file vulnerability exists in the Palo Alto Networks... Moderate Unreviewed
CVE-2022-0021 was published Feb 11, 2022
A vulnerability in the audit log of Cisco DNA Center could allow an authenticated, local attacker... Moderate Unreviewed
CVE-2022-20630 was published Feb 11, 2022
Improper Output Neutralization and Improper Encoding or Escaping of Output for Logs in ansible Moderate
CVE-2020-14330 was published for ansible (pip) Feb 9, 2022
Insertion of Sensitive Information into Log File and Improper Output Neutralization for Logs in ansible Moderate
CVE-2020-14332 was published for ansible (pip) Feb 9, 2022
jhampson-dbre
loguru vulnerable to improper privilege management Moderate
CVE-2022-0338 was published for loguru (pip) Jan 26, 2022
In Stormshield SSO Agent 2.x before 2.1.1 and 3.x before 3.0.2, the cleartext user password and... Moderate Unreviewed
CVE-2022-22703 was published Jan 18, 2022
IBM Sterling Gentran:Server for Microsoft Windows 5.3 stores potentially sensitive information in... Moderate Unreviewed
CVE-2021-39032 was published Jan 15, 2022
SAP Business One - version 10.0, extended log stores information that can be of a sensitive... Moderate Unreviewed
CVE-2021-44234 was published Jan 15, 2022
Docker Desktop version 4.3.0 and 4.3.1 has a bug that may log sensitive information (access token... Moderate Unreviewed
CVE-2021-45449 was published Jan 13, 2022
Apache NiFi Insertion of Sensitive Information into Log File Moderate
CVE-2020-1928 was published for org.apache.nifi:nifi-parameter (Maven) Jan 6, 2022
Dell EMC Avamar versions 18.2,19.1,19.2,19.3,19.4 contain a plain-text password storage... Moderate Unreviewed
CVE-2021-36318 was published Dec 22, 2021
In handleUpdateNetworkState of GnssNetworkConnectivityHandler.java , there is a possible APN... Moderate Unreviewed
CVE-2021-0997 was published Dec 16, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database