Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,303
Erlang
31
GitHub Actions
21
Go
2,072
Maven
5,000+
npm
3,744
NuGet
669
pip
3,430
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

90 advisories

Loading
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Low Unreviewed
CVE-2023-40392 was published Sep 6, 2023
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Low Unreviewed
CVE-2023-40442 was published Sep 12, 2023
Wagtail vulnerable to disclosure of user names via admin bulk action views Low
CVE-2023-45809 was published for wagtail (pip) Oct 19, 2023
quyenheu
A vulnerability, which was classified as problematic, has been found in China Unicom TEWA-800G 4... Low Unreviewed
CVE-2023-5028 was published Sep 17, 2023
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Low Unreviewed
CVE-2023-42857 was published Oct 25, 2023
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Low Unreviewed
CVE-2023-40405 was published Oct 25, 2023
An insertion of sensitive information into log file vulnerability [CWE-532] in FortiSIEM version... Low Unreviewed
CVE-2023-45585 was published Nov 14, 2023
Insertion of sensitive information into log file for some Intel Unison software may allow an... Low Unreviewed
CVE-2022-46647 was published Nov 14, 2023
Exposure of Sensitive Information in Elastic APM .NET Agent Low
CVE-2021-22143 was published for Elastic.Apm (NuGet) Nov 22, 2023
MarkLee131
Sensitive parameter values captured in build metadata files by Jenkins Parameterized Trigger Plugin Low
CVE-2022-27195 was published for org.jenkins-ci.plugins:parameterized-trigger (Maven) Mar 16, 2022
NotMyFault
Jenkins SSH Agent Plugin exposes SSH private key password to users with permission to read the build log Low
CVE-2018-1999036 was published for org.jenkins-ci.plugins:ssh-agent (Maven) May 13, 2022
nvdApiKey is logged in debug mode Low
GHSA-qqhq-8r2c-c3f5 was published for org.owasp:dependency-check-ant (Maven) Dec 15, 2023
hott-box
In JetBrains Rider before 2023.3.3 logging of environment variables containing secret values was... Low Unreviewed
CVE-2024-24939 was published Feb 6, 2024
Cleartext Storage of Sensitive Information in Gambio 4.9.2.0 allows attackers to obtain sensitive... Low Unreviewed
CVE-2024-23760 was published Feb 13, 2024
Insertion of sensitive information into log file for some Intel(R) Local Manageability Service... Low Unreviewed
CVE-2023-27502 was published Mar 14, 2024
__btrfs_free_extent in fs/btrfs/extent-tree.c in the Linux kernel through 5.3.12 calls... Low Unreviewed
CVE-2019-19039 was published May 24, 2022
cPanel before 67.9999.103 allows Apache HTTP Server log files to become world-readable because of... Low Unreviewed
CVE-2017-18412 was published May 24, 2022
In cPanel before 66.0.2, domain log files become readable after log processing (SEC-273). Low Unreviewed
CVE-2017-18423 was published May 24, 2022
In the proc filesystem, there is a possible information disclosure due to log information... Low Unreviewed
CVE-2019-9277 was published May 24, 2022
Filebeat versions through 7.17.9 and 8.6.2 have a flaw in httpjson input that allows the http... Low Unreviewed
CVE-2023-31413 was published May 4, 2023
An issue was discovered in Faronics Insight 10.0.19045 on Windows. Every keystroke made by any... Low Unreviewed
CVE-2023-28351 was published May 31, 2023
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Low Unreviewed
CVE-2023-23505 was published Jul 6, 2023
An information disclosure issue in Gitlab CE/EE affecting all versions from 13.6 prior to 15.11... Low Unreviewed
CVE-2023-3363 was published Jul 13, 2023
An issue was discovered in Plixer Scrutinizer before 19.3.1. It exposes debug logs to... Low Unreviewed
CVE-2023-41263 was published Oct 13, 2023
Insertion of Sensitive Information into Log File vulnerability in WebToffee WordPress Backup &... Low Unreviewed
CVE-2024-31254 was published Apr 10, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database