Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,731
Maven
5,000+
npm
4,332
NuGet
763
pip
4,109
Pub
12
RubyGems
960
Rust
1,068
Swift
45
Unreviewed advisories
All unreviewed
5,000+

203 advisories

Loading
Micro Focus Solutions Business Manager versions prior to 11.4 might reveal certain sensitive... High Unreviewed
CVE-2018-7683 was published May 13, 2022
An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v250 and CAPI... High Unreviewed
CVE-2016-9882 was published May 13, 2022
Openstack Octavia allows Insertion of Sensitive Information into Log File High
CVE-2018-16856 was published for octavia (pip) May 13, 2022
aria2c in aria2 1.33.1, when --log is used, can store an HTTP Basic Authentication username and... High Unreviewed
CVE-2019-3500 was published May 13, 2022
Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to read configuration... High Unreviewed
CVE-2016-0875 was published May 13, 2022
Moxa Secure Router EDR-G903 devices before 3.4.12 do not delete copies of configuration and log... High Unreviewed
CVE-2016-0879 was published May 13, 2022
Moodle backs up private files High
CVE-2012-1156 was published for moodle/moodle (Composer) Apr 23, 2022
An issue was discovered in HTCondor 9.0.x before 9.0.10 and 9.1.x before 9.5.1. An attacker can... High Unreviewed
CVE-2021-45103 was published Apr 7, 2022
Sensitive Auth & Cookie data stored in Jupyter server logs High
CVE-2022-24758 was published for notebook (pip) Apr 5, 2022
3coins
Credited to 3coins
TPCMS v3.2 allows attackers to access the ThinkPHP log directory and obtain sensitive information... High Unreviewed
CVE-2022-27442 was published Apr 5, 2022
Insertion of Sensitive Information into Log File in Jupyter notebook High
CVE-2022-24757 was published for jupyter-server (pip) Mar 25, 2022
3coins
Credited to 3coins
A flaw was found in KeePass. The vulnerability occurs due to logging the plain text passwords in... High Unreviewed
CVE-2022-0725 was published Mar 11, 2022
HashiCorp Terraform Enterprise before 202202-1 inserts Sensitive Information into a Log File. High Unreviewed
CVE-2022-25374 was published Feb 26, 2022
Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain a sensitive information disclosure... High Unreviewed
CVE-2021-36289 was published Jan 27, 2022
A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions <... High Unreviewed
CVE-2021-45034 was published Jan 12, 2022
Insertion of Sensitive Information into Log File in Apache Geode High
CVE-2021-34797 was published for org.apache.geode:geode-core (Maven) Jan 6, 2022
Insertion of Sensitive Information into Log File in Apache NiFi Stateless High
CVE-2020-9486 was published for org.apache.nifi:nifi-stateless (Maven) Jan 6, 2022
Insertion of Sensitive Information into Log File in Apache NiFi High
CVE-2020-1942 was published for org.apache.nifi:nifi-framework-core (Maven) Jan 6, 2022
Mattermost 6.0.2 and earlier fails to sufficiently sanitize user's password in audit logs when... High Unreviewed
CVE-2021-37861 was published Dec 10, 2021
Wipro Holmes Orchestrator 20.4.1 (20.4.1_02_11_2020) allows remote attackers to read application... High Unreviewed
CVE-2021-38283 was published Nov 30, 2021
Sensitive information could be logged. The following products are affected: Acronis Agent ... High Unreviewed
CVE-2021-34800 was published Nov 30, 2021
Insertion of Sensitive Information into Log File in ansible High
CVE-2021-20178 was published for ansible (pip) Jun 1, 2021
Information Disclosure in HashiCorp Vault High
CVE-2020-13223 was published for github.com/hashicorp/vault (Go) May 18, 2021
Sensitive information disclosure via log in com.bmuschko:gradle-vagrant-plugin High
CVE-2021-21361 was published for com.bmuschko:gradle-vagrant-plugin (Maven) Mar 9, 2021
britter
Credited to britter
Information Exposure in cordova-android High
CVE-2016-6799 was published for cordova-android (npm) Sep 11, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database