GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,003
Maven
5,000+
npm
3,714
NuGet
661
pip
3,387
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
740 advisories
Filter by severity
A problem with the Palo Alto Networks GlobalProtect app can result in exposure of encrypted user...
Moderate
Unreviewed
CVE-2024-5908
was published
Jun 12, 2024
CWE-532: Insertion of Sensitive Information into Log File vulnerability exists that could cause...
Moderate
Unreviewed
CVE-2024-5557
was published
Jun 12, 2024
Insertion of Sensitive Information into Log File vulnerability in Octolize USPS Shipping for...
Moderate
Unreviewed
CVE-2024-32811
was published
Jun 9, 2024
Under certain circumstances the Microsoft® Internet Information Server (IIS) used to host the C...
High
Unreviewed
CVE-2024-0912
was published
Jun 6, 2024
Insertion of Sensitive Information into Log File vulnerability in Code Parrots Easy Forms for...
High
Unreviewed
CVE-2024-25095
was published
Jun 4, 2024
apko Exposure of HTTP basic auth credentials in log output
High
CVE-2024-36127
was published
for
chainguard.dev/apko
(Go)
Jun 4, 2024
Insertion of Sensitive Information into Log File vulnerability in Lukman Nakib Debug Log – Manger...
Moderate
Unreviewed
CVE-2024-34798
was published
Jun 3, 2024
Slack integration leaks sensitive information in logs
Low
CVE-2024-35196
was published
for
sentry
(pip)
Jun 2, 2024
Fides Webserver Logs Hosted Database Password Partial Exposure Vulnerability
Low
CVE-2024-34715
was published
for
ethyca-fides
(pip)
May 29, 2024
goreleaser shows environment by default
Moderate
GHSA-f6mm-5fc7-3g3c
was published
for
github.com/goreleaser/goreleaser
(Go)
May 15, 2024
source-controller leaks Azure Storage SAS token into logs
Moderate
CVE-2024-31216
was published
for
github.com/fluxcd/source-controller
(Go)
May 15, 2024
azure-file-csi-driver leaks service account tokens in the logs
Moderate
CVE-2024-3744
was published
for
sigs.k8s.io/azurefile-csi-driver
(Go)
May 15, 2024
Insertion of Sensitive Information into Log File vulnerability in Ghost Foundation Ghost.This...
High
Unreviewed
CVE-2024-34559
was published
May 14, 2024
Insertion of Sensitive Information into Log File vulnerability in AlexaCRM Dynamics 365...
Moderate
Unreviewed
CVE-2024-34550
was published
May 14, 2024
@valtimo/components exposes access token to form.io
Critical
CVE-2024-34706
was published
for
@valtimo/components
(npm)
May 13, 2024
matrix-sdk-crypto contains a log exposure of private key of the server-side key backup
Moderate
CVE-2024-34353
was published
for
matrix-sdk-crypto
(Rust)
May 13, 2024
IBM Watson CP4D Data Stores 4.0.0 through 4.8.4 stores potentially sensitive information in log...
Moderate
Unreviewed
CVE-2023-40694
was published
May 7, 2024
spaces_plugin/app.py in SolidUI 0.4.0 has an unnecessary print statement for an OpenAI key. The...
High
Unreviewed
CVE-2024-34527
was published
May 6, 2024
A highly privileged account can overwrite arbitrary files on the system with log output. The log...
Moderate
Unreviewed
CVE-2024-28072
was published
May 3, 2024
Insertion of Sensitive Information into Log File vulnerability in Jordy Meow WP Media Cleaner...
Moderate
Unreviewed
CVE-2024-33922
was published
May 2, 2024
Vault Enterprise, when configured with performance standby nodes and a configured audit device,...
Moderate
Unreviewed
CVE-2024-2877
was published
Apr 30, 2024
Insertion of Sensitive Information into Log File vulnerability in Solid Plugins Solid Affiliate...
High
Unreviewed
CVE-2024-33637
was published
Apr 29, 2024
Jberet: jberet-core logging database credentials
Moderate
CVE-2024-1102
was published
for
org.jberet:jberet-core
(Maven)
Apr 25, 2024
Sensitive Information leak via Log File in Kubernetes
Moderate
CVE-2020-8563
was published
for
github.com/kubernetes/kubernetes
(Go)
Apr 24, 2024
Sensitive Information leak via Log File in Kubernetes
Moderate
CVE-2020-8566
was published
for
github.com/kubernetes/kubernetes
(Go)
Apr 24, 2024
ProTip!
Advisories are also available from the
GraphQL API