Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

782 advisories

Loading
On F5 BIG-IP APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x... Moderate Unreviewed
CVE-2022-27636 was published May 6, 2022
On F5 BIG-IP 15.1.x versions prior to 15.1.5.1 and 14.1.x versions prior to 14.1.4.6, when... Moderate Unreviewed
CVE-2022-28859 was published May 6, 2022
An access-control flaw was found in the OpenStack Orchestration (heat) service before 8.0.0, 6.1... Moderate Unreviewed
CVE-2017-2621 was published May 3, 2022
MoinMoin Insertion of Sensitive Information into Log File Moderate
CVE-2007-0902 was published for moin (pip) May 1, 2022
The log files in Apache web server contain information directly supplied by clients and does not... Moderate Unreviewed
CVE-2001-1556 was published Apr 30, 2022
cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains... Moderate Unreviewed
CVE-2022-29869 was published Apr 29, 2022
Insertion of Sensitive Information into Log File in Hashicorp go-getter Moderate
CVE-2022-29810 was published for github.com/hashicorp/go-getter (Go) Apr 28, 2022
jhutchings1
Foundry Issues service versions 2.244.0 to 2.249.0 was found to be logging in a manner that... Moderate Unreviewed
CVE-2022-27888 was published Apr 28, 2022
IBM QRadar SIEM 7.3, 7.4, and 7.5 stores potentially sensitive information in log files that... Moderate Unreviewed
CVE-2021-38939 was published Apr 28, 2022
Moodle backs up private files High
CVE-2012-1156 was published for moodle/moodle (Composer) Apr 23, 2022
Azure SDK for .NET Information Disclosure Vulnerability. Moderate
CVE-2022-26907 was published for Microsoft.Rest.ClientRuntime (NuGet) Apr 16, 2022
Missing sanitization of logged exception messages in all versions prior to 14.7.7, 14.8 prior to... Low Unreviewed
CVE-2022-1157 was published Apr 12, 2022
An issue was discovered in HTCondor 9.0.x before 9.0.10 and 9.1.x before 9.5.1. An attacker can... High Unreviewed
CVE-2021-45103 was published Apr 7, 2022
Sensitive Auth & Cookie data stored in Jupyter server logs High
CVE-2022-24758 was published for notebook (pip) Apr 5, 2022
3coins
TPCMS v3.2 allows attackers to access the ThinkPHP log directory and obtain sensitive information... High Unreviewed
CVE-2022-27442 was published Apr 5, 2022
In ArrayMap, there is a possible leak of the content of SMS messages due to log information... Low Unreviewed
CVE-2021-39739 was published Mar 31, 2022
Insertion of Sensitive Information into Log File in Jupyter notebook High
CVE-2022-24757 was published for jupyter-server (pip) Mar 25, 2022
3coins
In CMDBuild from version 3.0 to 3.3.2 payload requests are saved in a temporary log table, which... Moderate Unreviewed
CVE-2022-25518 was published Mar 24, 2022
Insertion of Sensitive Information into Log File in ansible Moderate
CVE-2021-20180 was published for ansible (pip) Mar 17, 2022
KamilaBorowska
Sensitive parameter values captured in build metadata files by Jenkins Parameterized Trigger Plugin Low
CVE-2022-27195 was published for org.jenkins-ci.plugins:parameterized-trigger (Maven) Mar 16, 2022
NotMyFault
A flaw was found in KeePass. The vulnerability occurs due to logging the plain text passwords in... High Unreviewed
CVE-2022-0725 was published Mar 11, 2022
Information Exposure vulnerability in Galaxy S3 Plugin prior to version 2.2.03.22012751 allows... Low Unreviewed
CVE-2022-25826 was published Mar 11, 2022
Information Exposure vulnerability in Watch Active2 Plugin prior to version 2.2.08.22012751... Low Unreviewed
CVE-2022-25829 was published Mar 11, 2022
Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.220126741... Low Unreviewed
CVE-2022-25823 was published Mar 11, 2022
Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.22012751 allows... Low Unreviewed
CVE-2022-25827 was published Mar 11, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database