Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

169 advisories

Loading
Git credentials are exposed in Atlantis logs High
CVE-2024-52009 was published for github.com/runatlantis/atlantis (Go) Nov 8, 2024
niooss-ledger
A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition... High Unreviewed
CVE-2024-9466 was published Oct 9, 2024
Insertion of Sensitive Information into Log File vulnerability in Oceanic Software ValeApp allows... High Unreviewed
CVE-2024-8609 was published Sep 27, 2024
A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker... High Unreviewed
CVE-2024-20440 was published Sep 4, 2024
Passwords of agents and customers are displayed in plain text in the OTRS admin log module if... High Unreviewed
CVE-2024-43444 was published Aug 26, 2024
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All... High Unreviewed
CVE-2024-41978 was published Aug 13, 2024
Multiple Exposure of sensitive information to an unauthorized actor vulnerabilities [CWE-200] in... High Unreviewed
CVE-2024-27784 was published Jul 9, 2024
Under certain circumstances the Microsoft® Internet Information Server (IIS) used to host the C... High Unreviewed
CVE-2024-0912 was published Jun 6, 2024
Insertion of Sensitive Information into Log File vulnerability in Code Parrots Easy Forms for... High Unreviewed
CVE-2024-25095 was published Jun 4, 2024
apko Exposure of HTTP basic auth credentials in log output High
CVE-2024-36127 was published for chainguard.dev/apko (Go) Jun 4, 2024
kolloch
Insertion of Sensitive Information into Log File vulnerability in Ghost Foundation Ghost.This... High Unreviewed
CVE-2024-34559 was published May 14, 2024
spaces_plugin/app.py in SolidUI 0.4.0 has an unnecessary print statement for an OpenAI key. The... High Unreviewed
CVE-2024-34527 was published May 6, 2024
Insertion of Sensitive Information into Log File vulnerability in Solid Plugins Solid Affiliate... High Unreviewed
CVE-2024-33637 was published Apr 29, 2024
Insertion of Sensitive Information into Log File vulnerability in Newsletters.This issue affects... High Unreviewed
CVE-2024-32953 was published Apr 24, 2024
Insertion of Sensitive Information into Log File vulnerability in Patrick Posner Simply Static... High Unreviewed
CVE-2024-32825 was published Apr 24, 2024
A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints the encryption key in the... High Unreviewed
CVE-2024-29958 was published Apr 19, 2024
When Brocade SANnav before v2.3.1 and v2.3.0a servers are configured in Disaster Recovery mode,... High Unreviewed
CVE-2024-29957 was published Apr 19, 2024
A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints Brocade Fabric OS switch... High Unreviewed
CVE-2024-29959 was published Apr 19, 2024
Insertion of Sensitive Information into Log File vulnerability in Searchiq SearchIQ.This issue... High Unreviewed
CVE-2024-31259 was published Apr 10, 2024
Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x contains an insertion of sensitive... High Unreviewed
CVE-2024-25959 was published Mar 28, 2024
In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the software potentially exposes... High Unreviewed
CVE-2024-29945 was published Mar 27, 2024
Insertion of Sensitive Information into Log File vulnerability in GSheetConnector CF7 Google... High Unreviewed
CVE-2023-44989 was published Mar 26, 2024
Insecure Variable Substitution in Vela High
CVE-2024-28236 was published for github.com/go-vela/worker (Go) Mar 14, 2024
gdiepen
An issue discovered in Unisys Stealth 5.3.062.0 allows attackers to view sensitive information... High Unreviewed
CVE-2024-23758 was published Feb 21, 2024
The N-able PassPortal extension before 3.29.2 for Chrome inserts sensitive information into a log... High Unreviewed
CVE-2023-47131 was published Feb 9, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database