GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
740 advisories
An issue was discovered by Elastic whereby sensitive information is recorded in Kibana logs in...
High, Unreviewed, CVE-2023-31422 was published Oct 26, 2023

An issue was discovered in Fleet Server >= v8.10.0 and < v8.10.3 where Agent enrolment tokens are...
High, Unreviewed, CVE-2023-46667 was published Oct 26, 2023

If Elastic Endpoint (v7.9.0 - v8.10.3) is configured to use a non-default option in which the...
Critical, Unreviewed, CVE-2023-46668 was published Oct 26, 2023

A privacy issue was addressed with improved private data redaction for log entries. This issue is...
Low, Unreviewed, CVE-2023-42857 was published Oct 25, 2023

A privacy issue was addressed with improved private data redaction for log entries. This issue is...
Low, Unreviewed, CVE-2023-40405 was published Oct 25, 2023

A privacy issue was addressed with improved private data redaction for log entries. This issue is...
Moderate, Unreviewed, CVE-2023-41254 was published Oct 25, 2023

A privacy issue was addressed with improved private data redaction for log entries. This issue is...
Moderate, Unreviewed, CVE-2023-40425 was published Oct 25, 2023

Apache Santuario - XML Security for Java are vulnerable to private key disclosure
Moderate, CVE-2023-44483 was published for org.apache.santuario:xmlsec (Maven) Oct 20, 2023

ydb-go-sdk token in custom credentials object can leak through logs
Moderate, CVE-2023-45825 was published for github.com/ydb-platform/ydb-go-sdk/v3 (Go) Oct 19, 2023

Wagtail vulnerable to disclosure of user names via admin bulk action views
Low, CVE-2023-45809 was published for wagtail (pip) Oct 19, 2023

Mattermost Desktop fails to set an appropriate log level during initial run after fresh...
Moderate, Unreviewed, CVE-2023-5339 was published Oct 17, 2023

IBM App Connect Enterprise 12.0.1.0 through 12.0.8.0 contains an unspecified vulnerability that...
Moderate, Unreviewed, CVE-2023-40682 was published Oct 13, 2023

An issue was discovered in Plixer Scrutinizer before 19.3.1. It exposes debug logs to...
Low, Unreviewed, CVE-2023-41263 was published Oct 13, 2023

An insertion of sensitive information into log file vulnerability in Fortinet FortiGuest 1.0.0...
Moderate, Unreviewed, CVE-2023-25604 was published Oct 10, 2023

Information exposure vulnerability in Shenzhen Reachfar v28, the exploitation of which could...
High, Unreviewed, CVE-2023-5499 was published Oct 10, 2023

When BIG-IP APM Guided Configurations are configured, undisclosed sensitive information may be...
Moderate, Unreviewed, CVE-2023-39447 was published Oct 10, 2023

When on BIG-IP DNS or BIG-IP LTM enabled with DNS Services License, and a TSIG key is created,...
Moderate, Unreviewed, CVE-2023-41253 was published Oct 10, 2023

When TACACS+ audit forwarding is configured on BIG-IP or BIG-IQ system, sharedsecret is logged...
Moderate, Unreviewed, CVE-2023-43485 was published Oct 10, 2023

Sensitive data could be exposed in logs of subiquity version 23.09.1 and earlier. An attacker in...
Moderate, Unreviewed, CVE-2023-5182 was published Oct 7, 2023

Sensitive information leak through log files. The following products are affected: Acronis Agent ...
Moderate, Unreviewed, CVE-2023-45241 was published Oct 6, 2023

A logic flaw exists in Ansible. Whenever a private project is created with incorrect credentials,...
Moderate, Unreviewed, CVE-2023-4380 was published Oct 4, 2023

An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 allows...
High, Unreviewed, CVE-2023-43261 was published Oct 4, 2023

Information exposure vulnerability in IBERMATICA RPS 2019, which exploitation could allow an...
High, Unreviewed, CVE-2023-3349 was published Oct 3, 2023

A Cryptographic Issue vulnerability has been found on IBERMATICA RPS, affecting version 2019. By...
High, Unreviewed, CVE-2023-3350 was published Oct 3, 2023

Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center...
Moderate, Unreviewed, CVE-2023-3335 was published Oct 3, 2023