Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,084
Maven
5,000+
npm
3,747
NuGet
674
pip
3,435
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

762 advisories

Loading
Insertion of Sensitive Information into Log File vulnerability in SERVIT Software Solutions.This... Moderate Unreviewed
CVE-2024-37205 was published Jul 10, 2024
Multiple Exposure of sensitive information to an unauthorized actor vulnerabilities [CWE-200] in... High Unreviewed
CVE-2024-27784 was published Jul 9, 2024
An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. The Special... Moderate Unreviewed
CVE-2024-40596 was published Jul 7, 2024
An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. The API can... Moderate Unreviewed
CVE-2024-40598 was published Jul 7, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). A... High Unreviewed
CVE-2022-32254 was published Jun 15, 2022
The sessions are stored in clear-text logs. An attacker can retrieve authentication sessions. A... Moderate Unreviewed
CVE-2024-27157 was published Jun 14, 2024
The session cookies, used for authentication, are stored in clear-text logs. An attacker can... Moderate Unreviewed
CVE-2024-27156 was published Jun 14, 2024
Passwords are stored in clear-text logs. An attacker can retrieve passwords. As for the affected... Moderate Unreviewed
CVE-2024-27154 was published Jun 14, 2024
Under certain circumstances unnecessary user details are provided within system logs Moderate Unreviewed
CVE-2024-32757 was published Jul 2, 2024
IBM Security Verify Access 10.0.0 through 10.0.7.1 could allow a local user to obtain sensitive... Moderate Unreviewed
CVE-2023-30430 was published Jun 27, 2024
Bitbucket OAuth access token exposed in the build log by Bitbucket Branch Source Plugin Moderate
CVE-2024-39460 was published for org.jenkins-ci.plugins:cloudbees-bitbucket-branch-source (Maven) Jun 26, 2024
go-retryablehttp can leak basic auth credentials to log files Moderate
CVE-2024-6104 was published for github.com/hashicorp/go-retryablehttp (Go) Jun 24, 2024
Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p7, <2... Low Unreviewed
CVE-2024-28830 was published Jun 26, 2024
Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a... Low Unreviewed
CVE-2024-29177 was published Jun 26, 2024
An information disclosure vulnerability in Phloc Webscopes 7.0.0 allows local attackers with... Unknown Unreviewed
CVE-2024-6060 was published Jun 26, 2024
Elastic Beats inserts sensitive information into log file Moderate
CVE-2023-49922 was published for github.com/elastic/beats (Go) Dec 12, 2023
levinebw
Insertion of Sensitive Information into Log File vulnerability in WP 2FA allows Accessing... Moderate Unreviewed
CVE-2022-44587 was published Jun 21, 2024
SonarQube logs sensitive information Moderate
CVE-2024-38460 was published for org.sonarsource.sonarqube:sonar-web (Maven) Jun 16, 2024
Vault Enterprise, when configured with performance standby nodes and a configured audit device,... Moderate Unreviewed
CVE-2024-2877 was published Apr 30, 2024
CWE-532: Insertion of Sensitive Information into Log File vulnerability exists that could cause... Moderate Unreviewed
CVE-2024-5557 was published Jun 12, 2024
azure-file-csi-driver leaks service account tokens in the logs Moderate
CVE-2024-3744 was published for sigs.k8s.io/azurefile-csi-driver (Go) May 15, 2024
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 stores potentially... Moderate Unreviewed
CVE-2024-25030 was published Apr 3, 2024
Insertion of Sensitive Information into Log File vulnerability in Octolize USPS Shipping for... Moderate Unreviewed
CVE-2024-32811 was published Jun 9, 2024
Insertion of Sensitive Information into Log File vulnerability in Code Parrots Easy Forms for... High Unreviewed
CVE-2024-25095 was published Jun 4, 2024
apko Exposure of HTTP basic auth credentials in log output High
CVE-2024-36127 was published for chainguard.dev/apko (Go) Jun 4, 2024
kolloch
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database