GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,003
Maven
5,000+
npm
3,714
NuGet
661
pip
3,387
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
740 advisories
Filter by severity
ops leaking secrets if `subprocess.CalledProcessError` happens with a `secret-*` CLI command
Moderate
CVE-2024-41129
was published
for
ops
(pip)
Jul 22, 2024
In JetBrains TeamCity before 2024.07 parameters of the "password" type could leak into the build...
Moderate
Unreviewed
CVE-2024-41824
was published
Jul 22, 2024
Information exposure in the logging system in Yugabyte Platform allows local attackers with...
Moderate
Unreviewed
CVE-2024-0006
was published
Jul 19, 2024
Steeltoe Leaks Basic Auth Credentials to Logs After Fetch Registry Error
Low
CVE-2024-40636
was published
for
Steeltoe.Discovery.ClientAutofac
(NuGet)
Jul 17, 2024
An Insertion of Sensitive Information into Log File vulnerability in Juniper Networks Junos OS...
Moderate
Unreviewed
CVE-2024-39532
was published
Jul 11, 2024
Insertion of Sensitive Information into Log File vulnerability in TrustedLogin TrustedLogin...
Moderate
Unreviewed
CVE-2024-37270
was published
Jul 10, 2024
Insertion of Sensitive Information into Log File vulnerability in SERVIT Software Solutions.This...
Moderate
Unreviewed
CVE-2024-37205
was published
Jul 10, 2024
Multiple Exposure of sensitive information to an unauthorized actor vulnerabilities [CWE-200] in...
High
Unreviewed
CVE-2024-27784
was published
Jul 9, 2024
An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. The Special...
Moderate
Unreviewed
CVE-2024-40596
was published
Jul 7, 2024
An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. The API can...
Moderate
Unreviewed
CVE-2024-40598
was published
Jul 7, 2024
Vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355...
Moderate
Unreviewed
CVE-2022-25477
was published
Jul 2, 2024
Under certain circumstances unnecessary user details are provided within system logs
Moderate
Unreviewed
CVE-2024-32757
was published
Jul 2, 2024
VMware Cloud Director Object Storage Extension contains an Insertion of Sensitive Information...
Moderate
Unreviewed
CVE-2024-22276
was published
Jun 27, 2024
IBM Security Verify Access 10.0.0 through 10.0.7.1 could allow a local user to obtain sensitive...
Moderate
Unreviewed
CVE-2023-30430
was published
Jun 27, 2024
Bitbucket OAuth access token exposed in the build log by Bitbucket Branch Source Plugin
Moderate
CVE-2024-39460
was published
for
org.jenkins-ci.plugins:cloudbees-bitbucket-branch-source
(Maven)
Jun 26, 2024
Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p7, <2...
Low
Unreviewed
CVE-2024-28830
was published
Jun 26, 2024
Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a...
Low
Unreviewed
CVE-2024-29177
was published
Jun 26, 2024
A vulnerability in a password management API in Brocade Fabric OS versions before v9.2.1, v9.2.0b...
Moderate
Unreviewed
CVE-2024-29954
was published
Jun 26, 2024
An information disclosure vulnerability in Phloc Webscopes 7.0.0 allows local attackers with...
Unknown
Unreviewed
CVE-2024-6060
was published
Jun 26, 2024
go-retryablehttp can leak basic auth credentials to log files
Moderate
CVE-2024-6104
was published
for
github.com/hashicorp/go-retryablehttp
(Go)
Jun 24, 2024
Insertion of Sensitive Information into Log File vulnerability in WP 2FA allows Accessing...
Moderate
Unreviewed
CVE-2022-44587
was published
Jun 21, 2024
SonarQube logs sensitive information
Moderate
CVE-2024-38460
was published
for
org.sonarsource.sonarqube:sonar-web
(Maven)
Jun 16, 2024
The session cookies, used for authentication, are stored in clear-text logs. An attacker can...
Moderate
Unreviewed
CVE-2024-27156
was published
Jun 14, 2024
The sessions are stored in clear-text logs. An attacker can retrieve authentication sessions. A...
Moderate
Unreviewed
CVE-2024-27157
was published
Jun 14, 2024
Passwords are stored in clear-text logs. An attacker can retrieve passwords. As for the affected...
Moderate
Unreviewed
CVE-2024-27154
was published
Jun 14, 2024
ProTip!
Advisories are also available from the
GraphQL API