Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

752 advisories

Loading
Insertion of Sensitive Information into Log File vulnerability in Hitachi Cosminexus Component... Moderate Unreviewed
CVE-2023-6814 was published Mar 12, 2024
A privacy issue was addressed by not logging contents of text fields. This issue is fixed in... Low Unreviewed
CVE-2024-23242 was published Mar 8, 2024
IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an... Moderate Unreviewed
CVE-2023-46171 was published Mar 7, 2024
Apache Linkis DataSource: DataSource module Oracle SQL Database Password Logged Moderate
CVE-2023-50740 was published for org.apache.linkis:linkis (Maven) Mar 6, 2024
oscerd
An issue discovered in Unisys Stealth 5.3.062.0 allows attackers to view sensitive information... High Unreviewed
CVE-2024-23758 was published Feb 21, 2024
IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10... Moderate Unreviewed
CVE-2024-22337 was published Feb 17, 2024
IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10... Moderate Unreviewed
CVE-2023-50951 was published Feb 17, 2024
IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10... Moderate Unreviewed
CVE-2024-22336 was published Feb 17, 2024
IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10... Moderate Unreviewed
CVE-2024-22335 was published Feb 17, 2024
Cleartext Storage of Sensitive Information in Gambio 4.9.2.0 allows attackers to obtain sensitive... Low Unreviewed
CVE-2024-23760 was published Feb 13, 2024
The N-able PassPortal extension before 3.29.2 for Chrome inserts sensitive information into a log... High Unreviewed
CVE-2023-47131 was published Feb 9, 2024
Rancher 'Audit Log' leaks sensitive information High
CVE-2023-22649 was published for github.com/rancher/rancher (Go) Feb 8, 2024
Dell EMC AppSync, versions from 4.2.0.0 to 4.6.0.0 including all Service Pack releases, contain... Moderate Unreviewed
CVE-2024-22464 was published Feb 8, 2024
APM Server vulnerable to Insertion of Sensitive Information into Log File High
CVE-2024-23448 was published for github.com/elastic/apm-server (Go) Feb 8, 2024
In JetBrains Rider before 2023.3.3 logging of environment variables containing secret values was... Low Unreviewed
CVE-2024-24939 was published Feb 6, 2024
glance-store logs s3 access keys Moderate
CVE-2024-1141 was published for glance-store (pip) Feb 1, 2024
m3t3kh4n
An insertion of Sensitive Information into Log File vulnerability is affecting DELMIA Apriso... Moderate Unreviewed
CVE-2024-0935 was published Feb 1, 2024
Hashicorp Vault may expose sensitive log information Moderate
CVE-2024-0831 was published for github.com/hashicorp/vault (Go) Feb 1, 2024
`goreleaser release --debug` shows secrets Moderate
CVE-2024-23840 was published for github.com/goreleaser/goreleaser (Go) Jan 30, 2024
andreaangiolillo caarlos0
In Splunk Add-on Builder versions below 4.1.4, the application writes user session tokens to its... Moderate Unreviewed
CVE-2023-46231 was published Jan 30, 2024
In Splunk Add-on Builder versions below 4.1.4, the app writes sensitive information to internal... High Unreviewed
CVE-2023-46230 was published Jan 30, 2024
Insertion of debug information into log file during building the elastic search index allows... Moderate Unreviewed
CVE-2024-23791 was published Jan 29, 2024
In Splunk Enterprise versions below 9.0.8, the Splunk RapidDiag utility discloses server... Moderate Unreviewed
CVE-2024-23677 was published Jan 22, 2024
Insertion of Sensitive Information into Log File in OWASP DependencyCheck Moderate
CVE-2024-23686 was published for org.owasp:dependency-check-ant (Maven) Jan 20, 2024
r3kumar
A vulnerability classified as problematic has been found in Beijing Baichuo Smart S150 Management... Low Unreviewed
CVE-2024-0716 was published Jan 19, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database