GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,972
Composer 4,285
Erlang 31
GitHub Actions 21
Go 2,056
Maven 5,238
npm 3,741
NuGet 668
pip 3,422
Pub 12
RubyGems 892
Rust 875
Swift 36

Unreviewed advisories

All unreviewed 239,197

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

346 advisories

Filter by severity

Sort by

Least recently updated

Disclosure of sensitive information in HikVision camera driver's log file in XProtect Device Pack... Moderate Unreviewed

CVE-2024-12569 was published Dec 19, 2024

IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 stores potentially... Moderate Unreviewed

CVE-2024-49816 was published Dec 17, 2024

The issue was resolved by sanitizing logging. This issue is fixed in macOS Sequoia 15.2. An app... Moderate Unreviewed

CVE-2024-54484 was published Dec 12, 2024

Zammad before 6.4.1 places sensitive data (such as auth_microsoft_office365_credentials and... Moderate Unreviewed

CVE-2024-55578 was published Dec 9, 2024

An issue was discovered in GitLab CE/EE affecting all versions starting from 11.0 prior to 17.4.6... Moderate Unreviewed

CVE-2024-12292 was published Dec 12, 2024

HCL Launch stores potentially sensitive information in log files that could be read by a local... Moderate Unreviewed

CVE-2024-42196 was published Dec 6, 2024

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p22, <2... Moderate Unreviewed

CVE-2024-47094 was published Nov 29, 2024

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p18, <2... Moderate Unreviewed

CVE-2024-38862 was published Oct 14, 2024

The CTT Expresso para WooCommerce plugin for WordPress is vulnerable to sensitive information... Moderate Unreviewed

CVE-2024-6687 was published Aug 1, 2024

An information disclosure vulnerability exists in the backup configuration process where the SAS... Moderate Unreviewed

CVE-2024-11165 was published Nov 13, 2024

An information disclosure vulnerability exists in Yugabyte Anywhere, where the LDAP bind password... Moderate Unreviewed

CVE-2024-11193 was published Nov 13, 2024

Vulnerability of improper log printing in the Super Home Screen module Impact: Successful... Moderate Unreviewed

CVE-2024-51528 was published Nov 5, 2024

VMware Cloud Director Object Storage Extension contains an Insertion of Sensitive Information... Moderate Unreviewed

CVE-2024-22276 was published Jun 27, 2024

The Woo Manage Fraud Orders plugin for WordPress is vulnerable to Sensitive Information Exposure... Moderate Unreviewed

CVE-2024-10544 was published Oct 31, 2024

An information disclosure issue was addressed with improved private data redaction for log... Moderate Unreviewed

CVE-2024-44239 was published Oct 28, 2024

A privacy issue was addressed with improved private data redaction for log entries. This issue is... Moderate Unreviewed

CVE-2024-44205 was published Oct 24, 2024

Vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355... Moderate Unreviewed

CVE-2022-25477 was published Jul 2, 2024

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes... Moderate Unreviewed

CVE-2024-45739 was published Oct 14, 2024

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes... Moderate Unreviewed

CVE-2024-45738 was published Oct 14, 2024

Fortra's Robot Schedule Enterprise Agent prior to version 3.05 writes FTP username and password... Moderate Unreviewed

CVE-2024-8264 was published Oct 10, 2024

A vulnerability in a logging function of Cisco Nexus Dashboard Insights could allow an attacker... Moderate Unreviewed

CVE-2024-20491 was published Oct 2, 2024

A vulnerability in a logging function of Cisco Nexus Dashboard Fabric Controller (NDFC) and Cisco... Moderate Unreviewed

CVE-2024-20490 was published Oct 2, 2024

An information exposure in Devolutions Remote Desktop Manager 2024.2.20.0 and earlier on Windows... Moderate Unreviewed

CVE-2024-7421 was published Sep 25, 2024

System->Maintenance-> Log Files in dotCMS dashboard is providing the username/password for... Moderate Unreviewed

CVE-2024-3165 was published Apr 2, 2024

A privacy issue was addressed with improved private data redaction for log entries. This issue is... Moderate Unreviewed

CVE-2024-44166 was published Sep 17, 2024

Previous 1 2 3 4 5 … 13 14 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

346 advisories