GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,144
Composer 4,333
Erlang 31
GitHub Actions 22
Go 2,095
Maven 5,265
npm 3,760
NuGet 678
pip 3,446
Pub 12
RubyGems 892
Rust 882
Swift 37

Unreviewed advisories

All unreviewed 242,554

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

767 advisories

Filter by severity

Sort by

Least recently updated

The Woo Manage Fraud Orders plugin for WordPress is vulnerable to Sensitive Information Exposure... Moderate Unreviewed

CVE-2024-10544 was published Oct 31, 2024

An information disclosure issue was addressed with improved private data redaction for log... Moderate Unreviewed

CVE-2024-44239 was published Oct 28, 2024

A privacy issue was addressed with improved private data redaction for log entries. This issue is... Low Unreviewed

CVE-2024-27849 was published Oct 28, 2024

A privacy issue was addressed with improved private data redaction for log entries. This issue is... Moderate Unreviewed

CVE-2024-44205 was published Oct 24, 2024

Vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355... Moderate Unreviewed

CVE-2022-25477 was published Jul 2, 2024

A vulnerability was found in code-projects Dormitory Management System 1.0. It has been rated as... Low Unreviewed

CVE-2024-0472 was published Jan 13, 2024

A vulnerability classified as problematic has been found in Beijing Baichuo Smart S150 Management... Low Unreviewed

CVE-2024-0716 was published Jan 19, 2024

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes... Moderate Unreviewed

CVE-2024-45738 was published Oct 14, 2024

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes... Moderate Unreviewed

CVE-2024-45739 was published Oct 14, 2024

A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition... High Unreviewed

CVE-2024-9466 was published Oct 9, 2024

Jberet: jberet-core logging database credentials Moderate

CVE-2024-1102 was published for org.jberet:jberet-core (Maven) Apr 25, 2024

Rancher 'Audit Log' leaks sensitive information High

CVE-2023-22649 was published for github.com/rancher/rancher (Go) Feb 8, 2024

Fortra's Robot Schedule Enterprise Agent prior to version 3.05 writes FTP username and password... Moderate Unreviewed

CVE-2024-8264 was published Oct 10, 2024

A vulnerability in a logging function of Cisco Nexus Dashboard Insights could allow an attacker... Moderate Unreviewed

CVE-2024-20491 was published Oct 2, 2024

A vulnerability in a logging function of Cisco Nexus Dashboard Fabric Controller (NDFC) and Cisco... Moderate Unreviewed

CVE-2024-20490 was published Oct 2, 2024

python-oslo-utils has improper password parsing Moderate

CVE-2022-0718 was published for oslo-utils (pip) Aug 29, 2022

Openstack Octavia allows Insertion of Sensitive Information into Log File High

CVE-2018-16856 was published for octavia (pip) May 13, 2022

oslo.middleware Information Disclosure vulnerability High

CVE-2017-2592 was published for oslo-middleware (pip) Jul 13, 2018

Insertion of Sensitive Information into Log File vulnerability in Oceanic Software ValeApp allows... High Unreviewed

CVE-2024-8609 was published Sep 27, 2024

An issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 16.0.8... High Unreviewed

CVE-2023-3993 was published Aug 2, 2023

An information exposure in Devolutions Remote Desktop Manager 2024.2.20.0 and earlier on Windows... Moderate Unreviewed

CVE-2024-7421 was published Sep 25, 2024

loguru vulnerable to improper privilege management Moderate

CVE-2022-0338 was published for loguru (pip) Jan 26, 2022

System->Maintenance-> Log Files in dotCMS dashboard is providing the username/password for... Moderate Unreviewed

CVE-2024-3165 was published Apr 2, 2024

Improper masking of credentials in Jenkins Pipeline Maven Integration Plugin Moderate

CVE-2023-41934 was published for org.jenkins-ci.plugins:pipeline-maven (Maven) Sep 6, 2023

A privacy issue was addressed with improved private data redaction for log entries. This issue is... Moderate Unreviewed

CVE-2024-44166 was published Sep 17, 2024

Previous 1 2 3 4 5 … 30 31 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

767 advisories