GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
751 advisories
Filter by severity
Disclosure of sensitive information in HikVision camera driver's log file in XProtect Device Pack...
Moderate
Unreviewed
CVE-2024-12569
was published
Dec 19, 2024
IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 stores potentially...
Moderate
Unreviewed
CVE-2024-49816
was published
Dec 17, 2024
The issue was resolved by sanitizing logging. This issue is fixed in macOS Sequoia 15.2. An app...
Moderate
Unreviewed
CVE-2024-54484
was published
Dec 12, 2024
Zammad before 6.4.1 places sensitive data (such as auth_microsoft_office365_credentials and...
Moderate
Unreviewed
CVE-2024-55578
was published
Dec 9, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 11.0 prior to 17.4.6...
Moderate
Unreviewed
CVE-2024-12292
was published
Dec 12, 2024
Insertion of Sensitive Information into Log File (CWE-532) in the Gallagher Command Centre Alarm...
High
Unreviewed
CVE-2024-42407
was published
Dec 12, 2024
User credentials (login & password) are inserted into log files when a user tries to authenticate...
Low
Unreviewed
CVE-2024-12057
was published
Dec 9, 2024
Improper permissions handling in MediaWiki AbuseFilter
Moderate
CVE-2024-47913
was published
for
mediawiki/abuse-filter
(Composer)
Oct 5, 2024
HCL Launch stores potentially sensitive information in log files that could be read by a local...
Moderate
Unreviewed
CVE-2024-42196
was published
Dec 6, 2024
Quarkus CXF logs passwords and other secrets
Moderate
CVE-2024-9621
was published
for
io.quarkiverse.cxf:quarkus-cxf
(Maven)
Oct 8, 2024
Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p22, <2...
Moderate
Unreviewed
CVE-2024-47094
was published
Nov 29, 2024
Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p18, <2...
Moderate
Unreviewed
CVE-2024-38862
was published
Oct 14, 2024
Ansible vulnerable to Insertion of Sensitive Information into Log File
High
CVE-2024-8775
was published
for
ansible-core
(pip)
Sep 16, 2024
OpenStack Glance sensitive information disclosure via logs
Moderate
CVE-2014-1948
was published
for
glance
(pip)
May 17, 2022
The CTT Expresso para WooCommerce plugin for WordPress is vulnerable to sensitive information...
Moderate
Unreviewed
CVE-2024-6687
was published
Aug 1, 2024
Git credentials are exposed in Atlantis logs
High
CVE-2024-52009
was published
for
github.com/runatlantis/atlantis
(Go)
Nov 8, 2024
AnyDesk through 8.1.0 on Windows, when Allow Direct Connections is enabled, inadvertently exposes...
High
Unreviewed
CVE-2024-52940
was published
Nov 18, 2024
APM Server vulnerable to Insertion of Sensitive Information into Log File
High
CVE-2024-23448
was published
for
github.com/elastic/apm-server
(Go)
Feb 8, 2024
An Innsertion of Sensitive Information into Log File vulnerability in SUSE SUSE Manager Server...
High
Unreviewed
CVE-2023-22644
was published
Sep 20, 2023
django-anymail Includes Sensitive Information in Log Files
Critical
CVE-2018-1000089
was published
for
django-anymail
(pip)
May 14, 2022
Insertion of Sensitive Information into Log File in ansible
High
CVE-2021-20178
was published
for
ansible
(pip)
Jun 1, 2021
Ansible exposes sensitive data in log files and on the terminal
High
CVE-2018-10855
was published
for
ansible
(pip)
Oct 10, 2018
An information disclosure vulnerability exists in the backup configuration process where the SAS...
Moderate
Unreviewed
CVE-2024-11165
was published
Nov 13, 2024
An information disclosure vulnerability exists in Yugabyte Anywhere, where the LDAP bind password...
Moderate
Unreviewed
CVE-2024-11193
was published
Nov 13, 2024
Apache Linkis DataSource: DataSource module Oracle SQL Database Password Logged
Moderate
CVE-2023-50740
was published
for
org.apache.linkis:linkis
(Maven)
Mar 6, 2024
ProTip!
Advisories are also available from the
GraphQL API