Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

175 advisories

Loading
Pivotal Cloud Cache, versions prior to 1.3.1, prints a superuser password in plain text during... High Unreviewed
CVE-2018-1198 was published May 14, 2022
** DISPUTED ** An issue was discovered in Qualys Cloud Agent 4.8.0-49. It writes "ps auxwwe"... High Unreviewed
CVE-2022-29550 was published Aug 19, 2022
GreenCMS 2.3.0603 allows remote attackers to obtain sensitive information via a direct request... High Unreviewed
CVE-2018-12604 was published May 14, 2022
The iThemes Security plugin before 6.9.1 for WordPress does not properly perform data escaping... High Unreviewed
CVE-2018-7433 was published May 14, 2022
Insertion of Sensitive Information into Log File in Apache Geode High
CVE-2021-34797 was published for org.apache.geode:geode-core (Maven) Jan 6, 2022
A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions <... High Unreviewed
CVE-2021-45034 was published Jan 12, 2022
Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain a sensitive information disclosure... High Unreviewed
CVE-2021-36289 was published Jan 27, 2022
Dell PowerScale OneFS 9.0.0.x - 9.4.0.x contain an insertion of sensitive information into log... High Unreviewed
CVE-2023-22575 was published Feb 1, 2023
Dell PowerScale OneFS 9.0.0.x - 9.4.0.x contain an insertion of sensitive information into log... High Unreviewed
CVE-2023-22574 was published Feb 1, 2023
ovirt-engine up to version 4.2.3 is vulnerable to an unfiltered password when choosing manual db... High Unreviewed
CVE-2018-1075 was published May 13, 2022
Ceph does not properly sanitize encryption keys in debug logging for v4 auth. This results in the... High Unreviewed
CVE-2018-16889 was published May 13, 2022
Dell PowerScale OneFS 9.1.0.x-9.4.0.x contain an insertion of sensitive information into log file... High Unreviewed
CVE-2023-22572 was published Feb 1, 2023
Incorrect Access Control issue discovered in tpcms 3.2 allows remote attackers to view sensitive... High Unreviewed
CVE-2021-36544 was published Feb 3, 2023
SUSHIRO App for Android outputs sensitive information to the log file, which may result in an... High Unreviewed
CVE-2023-22362 was published Feb 13, 2023
IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable to an Information... High Unreviewed
CVE-2022-43930 was published Feb 17, 2023
The OpenVPN Access Server installer creates a log file readable for everyone, which from version... High Unreviewed
CVE-2022-33737 was published Jul 7, 2022
Insertion of Sensitive Information into Log File in Apache NiFi High
CVE-2020-1942 was published for org.apache.nifi:nifi-framework-core (Maven) Jan 6, 2022
Secret insertion into debug log in Docker High
CVE-2019-13509 was published for github.com/docker/docker (Go) May 24, 2022
joshbressers
Moodle backs up private files High
CVE-2012-1156 was published for moodle/moodle (Composer) Apr 23, 2022
Insertion of Sensitive Information into Log File in Apache NiFi Stateless High
CVE-2020-9486 was published for org.apache.nifi:nifi-stateless (Maven) Jan 6, 2022
Information Disclosure in HashiCorp Vault High
CVE-2020-13223 was published for github.com/hashicorp/vault (Go) May 18, 2021
Weave GitOps Terraform Controller Information Disclosure Vulnerability High
CVE-2023-34236 was published for github.com/weaveworks/tf-controller (Go) Jul 14, 2023
greenu
Apache Airflow Celery provider Insertion of Sensitive Information into Log File vulnerability High
CVE-2023-46215 was published for apache-airflow (pip) Oct 28, 2023
Certain NetModule devices allow credentials via GET parameters to CLI-PHP. These models with... High Unreviewed
CVE-2021-39291 was published May 24, 2022
Debug mode leaks confidential data in Cilium High
CVE-2023-29002 was published for github.com/cilium/cilium (Go) Apr 19, 2023
meyskens
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database