GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,944
Composer 4,273
Erlang 31
GitHub Actions 21
Go 2,055
Maven 5,234
npm 3,739
NuGet 668
pip 3,417
Pub 12
RubyGems 891
Rust 872
Swift 36

Unreviewed advisories

All unreviewed 238,537

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

440 advisories

Filter by severity

Sort by

Least recently updated

Disclosure of sensitive information in HikVision camera driver's log file in XProtect Device Pack... Moderate Unreviewed

CVE-2024-12569 was published Dec 19, 2024

IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 stores potentially... Moderate Unreviewed

CVE-2024-49816 was published Dec 17, 2024

An issue was discovered in GitLab CE/EE affecting all versions starting from 11.0 prior to 17.4.6... Moderate Unreviewed

CVE-2024-12292 was published Dec 12, 2024

The issue was resolved by sanitizing logging. This issue is fixed in macOS Sequoia 15.2. An app... Moderate Unreviewed

CVE-2024-54484 was published Dec 12, 2024

Zammad before 6.4.1 places sensitive data (such as auth_microsoft_office365_credentials and... Moderate Unreviewed

CVE-2024-55578 was published Dec 9, 2024

HCL Launch stores potentially sensitive information in log files that could be read by a local... Moderate Unreviewed

CVE-2024-42196 was published Dec 6, 2024

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p22, <2... Moderate Unreviewed

CVE-2024-47094 was published Nov 29, 2024

An information disclosure vulnerability exists in Yugabyte Anywhere, where the LDAP bind password... Moderate Unreviewed

CVE-2024-11193 was published Nov 13, 2024

An information disclosure vulnerability exists in the backup configuration process where the SAS... Moderate Unreviewed

CVE-2024-11165 was published Nov 13, 2024

Vulnerability of improper log printing in the Super Home Screen module Impact: Successful... Moderate Unreviewed

CVE-2024-51528 was published Nov 5, 2024

The Woo Manage Fraud Orders plugin for WordPress is vulnerable to Sensitive Information Exposure... Moderate Unreviewed

CVE-2024-10544 was published Oct 31, 2024

An information disclosure issue was addressed with improved private data redaction for log... Moderate Unreviewed

CVE-2024-44239 was published Oct 28, 2024

The Snowflake Connector for Python stores sensitive data in logs Moderate

CVE-2024-49750 was published for snowflake-connector-python (pip) Oct 24, 2024

A privacy issue was addressed with improved private data redaction for log entries. This issue is... Moderate Unreviewed

CVE-2024-44205 was published Oct 24, 2024

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes... Moderate Unreviewed

CVE-2024-45738 was published Oct 14, 2024

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes... Moderate Unreviewed

CVE-2024-45739 was published Oct 14, 2024

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p18, <2... Moderate Unreviewed

CVE-2024-38862 was published Oct 14, 2024

Fortra's Robot Schedule Enterprise Agent prior to version 3.05 writes FTP username and password... Moderate Unreviewed

CVE-2024-8264 was published Oct 10, 2024

Quarkus CXF logs passwords and other secrets Moderate

CVE-2024-9621 was published for io.quarkiverse.cxf:quarkus-cxf (Maven) Oct 8, 2024

Improper permissions handling in MediaWiki AbuseFilter Moderate

CVE-2024-47913 was published for mediawiki/abuse-filter (Composer) Oct 5, 2024

A vulnerability in a logging function of Cisco Nexus Dashboard Insights could allow an attacker... Moderate Unreviewed

CVE-2024-20491 was published Oct 2, 2024

A vulnerability in a logging function of Cisco Nexus Dashboard Fabric Controller (NDFC) and Cisco... Moderate Unreviewed

CVE-2024-20490 was published Oct 2, 2024

IBM Cloud Pak for Multicloud Management 2.3 through 2.3 FP8 stores user credentials in a log file... Moderate Unreviewed

CVE-2023-46175 was published Sep 26, 2024

Insertion of sensitive information into log file vulnerability in proxy settings component in... Moderate Unreviewed

CVE-2022-49037 was published Sep 26, 2024

An information exposure in Devolutions Remote Desktop Manager 2024.2.20.0 and earlier on Windows... Moderate Unreviewed

CVE-2024-7421 was published Sep 25, 2024

Previous 1 2 3 4 5 … 17 18 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

440 advisories