Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

782 advisories

Loading
Rancher 'Audit Log' leaks sensitive information High
CVE-2023-22649 was published for github.com/rancher/rancher (Go) Feb 8, 2024
Jberet: jberet-core logging database credentials Moderate
CVE-2024-1102 was published for org.jberet:jberet-core (Maven) Apr 25, 2024
A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition... High Unreviewed
CVE-2024-9466 was published Oct 9, 2024
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes... Moderate Unreviewed
CVE-2024-45738 was published Oct 14, 2024
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes... Moderate Unreviewed
CVE-2024-45739 was published Oct 14, 2024
A vulnerability classified as problematic has been found in Beijing Baichuo Smart S150 Management... Low Unreviewed
CVE-2024-0716 was published Jan 19, 2024
Vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355... Moderate Unreviewed
CVE-2022-25477 was published Jul 2, 2024
A vulnerability was found in code-projects Dormitory Management System 1.0. It has been rated as... Low Unreviewed
CVE-2024-0472 was published Jan 13, 2024
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Moderate Unreviewed
CVE-2024-44205 was published Oct 24, 2024
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Low Unreviewed
CVE-2024-27849 was published Oct 28, 2024
An information disclosure issue was addressed with improved private data redaction for log... Moderate Unreviewed
CVE-2024-44239 was published Oct 28, 2024
The Woo Manage Fraud Orders plugin for WordPress is vulnerable to Sensitive Information Exposure... Moderate Unreviewed
CVE-2024-10544 was published Oct 31, 2024
VMware Cloud Director Object Storage Extension contains an Insertion of Sensitive Information... Moderate Unreviewed
CVE-2024-22276 was published Jun 27, 2024
Apache Solr Operator liveness and readiness probes may leak basic auth credentials Moderate
CVE-2024-31391 was published for github.com/apache/solr-operator (Go) Apr 12, 2024
A privacy issue was addressed by not logging contents of text fields. This issue is fixed in... Low Unreviewed
CVE-2024-23242 was published Mar 8, 2024
Vulnerability of improper log printing in the Super Home Screen module Impact: Successful... Moderate Unreviewed
CVE-2024-51528 was published Nov 5, 2024
@workos-inc/authkit-remix refresh tokens are logged when the debug flag is enabled Low
CVE-2024-51753 was published for @workos-inc/authkit-remix (npm) Nov 5, 2024
@workos-inc/authkit-nextjs refresh tokens are logged when the debug flag is enabled Low
CVE-2024-51752 was published for @workos-inc/authkit-nextjs (npm) Nov 5, 2024
RichardoC
Logging of the firestore key within nodejs-firestore Moderate
CVE-2023-6460 was published for @google-cloud/firestore (npm) Dec 4, 2023
abhishekwebcode
Apache Linkis DataSource: DataSource module Oracle SQL Database Password Logged Moderate
CVE-2023-50740 was published for org.apache.linkis:linkis (Maven) Mar 6, 2024
oscerd
An information disclosure vulnerability exists in Yugabyte Anywhere, where the LDAP bind password... Moderate Unreviewed
CVE-2024-11193 was published Nov 13, 2024
An information disclosure vulnerability exists in the backup configuration process where the SAS... Moderate Unreviewed
CVE-2024-11165 was published Nov 13, 2024
Ansible exposes sensitive data in log files and on the terminal High
CVE-2018-10855 was published for ansible (pip) Oct 10, 2018
Insertion of Sensitive Information into Log File in ansible High
CVE-2021-20178 was published for ansible (pip) Jun 1, 2021
django-anymail Includes Sensitive Information in Log Files Critical
CVE-2018-1000089 was published for django-anymail (pip) May 14, 2022
westonsteimel
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database