Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,003
Maven
5,000+
npm
3,714
NuGet
661
pip
3,387
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

740 advisories

Loading
Dell PowerStore versions prior to 3.5.0.1 contain an insertion of sensitive information into log... Moderate Unreviewed
CVE-2023-32478 was published Jul 21, 2023
Dell Wyse ThinOS versions prior to 2208 (9.3.2102) contain a sensitive information disclosure... Moderate Unreviewed
CVE-2023-32455 was published Jul 20, 2023
Dell Wyse ThinOS versions prior to 2306 (9.4.2103) contain a sensitive information disclosure... Moderate Unreviewed
CVE-2023-32447 was published Jul 20, 2023
Dell Wyse ThinOS versions prior to 2303 (9.4.1141) contain a sensitive information disclosure... Moderate Unreviewed
CVE-2023-32446 was published Jul 20, 2023
Planning Analytics Cartridge for Cloud Pak for Data 4.0 exposes sensitive information in logs... High Unreviewed
CVE-2023-26023 was published Jul 19, 2023
Planning Analytics Cartridge for Cloud Pak for Data 4.0 exposes sensitive information in logs... High Unreviewed
CVE-2023-26026 was published Jul 19, 2023
Weave GitOps Terraform Controller Information Disclosure Vulnerability High
CVE-2023-34236 was published for github.com/weaveworks/tf-controller (Go) Jul 14, 2023
greenu
An issue in Archer Platform before v.6.13 fixed in v.6.12.0.6 and v.6.13.0 allows an... Moderate Unreviewed
CVE-2023-37224 was published Jul 14, 2023
An information disclosure issue in Gitlab CE/EE affecting all versions from 13.6 prior to 15.11... Low Unreviewed
CVE-2023-3363 was published Jul 13, 2023
A vulnerability in the logging component of Cisco Duo Authentication Proxy could allow an... Moderate Unreviewed
CVE-2023-20207 was published Jul 12, 2023
In JetBrains TeamCity before 2023.05.1 build chain parameters of the "password" type could be... Moderate Unreviewed
CVE-2023-38064 was published Jul 12, 2023
In JetBrains TeamCity before 2023.05.1 build parameters of the "password" type could be written... Moderate Unreviewed
CVE-2023-38067 was published Jul 12, 2023
Mattermost Sever fails to redact the DB username and password before emitting an application log... High Unreviewed
CVE-2023-2514 was published Jul 6, 2023
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Low Unreviewed
CVE-2023-23505 was published Jul 6, 2023
IBM App Connect Enterprise 11.0.0.17 through 11.0.0.19 and 12.0.4.0 and 12.0.5.0 contains an... Moderate Unreviewed
CVE-2022-42439 was published Jul 6, 2023
A remote attacker could leverage a vulnerability in Trend Micro Mobile Security (Enterprise) 9.8... High Unreviewed
CVE-2023-35695 was published Jun 27, 2023
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Moderate Unreviewed
CVE-2023-32392 was published Jun 23, 2023
Vulnerability in Cloud Foundry Notifications, Cloud Foundry SMB-volume release, Cloud FOundry cf... Moderate Unreviewed
CVE-2023-20885 was published Jun 16, 2023
An insertion of sensitive information into log file vulnerability in Fortinet FortiOS 7.2.0... Moderate Unreviewed
CVE-2023-26207 was published Jun 13, 2023
In JetBrains TeamCity before 2023.05 parameters of the "password" type from build dependencies... Moderate Unreviewed
CVE-2023-34223 was published May 31, 2023
An issue was discovered in Faronics Insight 10.0.19045 on Windows. Every keystroke made by any... Low Unreviewed
CVE-2023-28351 was published May 31, 2023
secrets-store-csi-driver discloses service account tokens in logs Moderate
CVE-2023-2878 was published for sigs.k8s.io/secrets-store-csi-driver (Go) May 26, 2023
tshaiman
Insertion of Sensitive Information into Log File vulnerability in ABB QCS 800xA, ABB QCS AC450,... Moderate Unreviewed
CVE-2022-0010 was published May 22, 2023
Jenkins HashiCorp Vault Plugin has improper masking of credentials Moderate
CVE-2023-33001 was published for com.datapipe.jenkins.plugins:hashicorp-vault-plugin (Maven) May 16, 2023
Insertion of sensitive information into log file in the Open CAS software for Linux maintained by... Moderate Unreviewed
CVE-2023-22447 was published May 10, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database