Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,762
NuGet
678
pip
3,447
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

768 advisories

Loading
ops leaking secrets if `subprocess.CalledProcessError` happens with a `secret-*` CLI command Moderate
CVE-2024-41129 was published for ops (pip) Jul 22, 2024
phvalguima
A vulnerability in Cato Networks SDP Client on Windows allows the insertion of sensitive... Moderate Unreviewed
CVE-2024-6977 was published Jul 31, 2024
An Insertion of Sensitive Information into Log File vulnerability in Juniper Networks Junos OS... Moderate Unreviewed
CVE-2024-39532 was published Jul 11, 2024
Sensitive host secret disclosed in cmk-update-agent.log file in Tribe29's Checkmk <= 2.1.0p13,... Moderate Unreviewed
CVE-2022-48319 was published Feb 20, 2023
In JetBrains TeamCity before 2024.07 parameters of the "password" type could leak into the build... Moderate Unreviewed
CVE-2024-41824 was published Jul 22, 2024
Insertion of Sensitive Information into Log File vulnerability in SERVIT Software Solutions.This... Moderate Unreviewed
CVE-2024-37205 was published Jul 10, 2024
Insertion of Sensitive Information into Log File vulnerability in TrustedLogin TrustedLogin... Moderate Unreviewed
CVE-2024-37270 was published Jul 10, 2024
Multiple Exposure of sensitive information to an unauthorized actor vulnerabilities [CWE-200] in... High Unreviewed
CVE-2024-27784 was published Jul 9, 2024
An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. The Special... Moderate Unreviewed
CVE-2024-40596 was published Jul 7, 2024
An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. The API can... Moderate Unreviewed
CVE-2024-40598 was published Jul 7, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). A... High Unreviewed
CVE-2022-32254 was published Jun 15, 2022
Passwords are stored in clear-text logs. An attacker can retrieve passwords. As for the affected... Moderate Unreviewed
CVE-2024-27154 was published Jun 14, 2024
The sessions are stored in clear-text logs. An attacker can retrieve authentication sessions. A... Moderate Unreviewed
CVE-2024-27157 was published Jun 14, 2024
The session cookies, used for authentication, are stored in clear-text logs. An attacker can... Moderate Unreviewed
CVE-2024-27156 was published Jun 14, 2024
Under certain circumstances unnecessary user details are provided within system logs Moderate Unreviewed
CVE-2024-32757 was published Jul 2, 2024
IBM Security Verify Access 10.0.0 through 10.0.7.1 could allow a local user to obtain sensitive... Moderate Unreviewed
CVE-2023-30430 was published Jun 27, 2024
Bitbucket OAuth access token exposed in the build log by Bitbucket Branch Source Plugin Moderate
CVE-2024-39460 was published for org.jenkins-ci.plugins:cloudbees-bitbucket-branch-source (Maven) Jun 26, 2024
go-retryablehttp can leak basic auth credentials to log files Moderate
CVE-2024-6104 was published for github.com/hashicorp/go-retryablehttp (Go) Jun 24, 2024
Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p7, <2... Low Unreviewed
CVE-2024-28830 was published Jun 26, 2024
Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a... Low Unreviewed
CVE-2024-29177 was published Jun 26, 2024
An information disclosure vulnerability in Phloc Webscopes 7.0.0 allows local attackers with... Unknown Unreviewed
CVE-2024-6060 was published Jun 26, 2024
Elastic Beats inserts sensitive information into log file Moderate
CVE-2023-49922 was published for github.com/elastic/beats (Go) Dec 12, 2023
levinebw
Insertion of Sensitive Information into Log File vulnerability in WP 2FA allows Accessing... Moderate Unreviewed
CVE-2022-44587 was published Jun 21, 2024
SonarQube logs sensitive information Moderate
CVE-2024-38460 was published for org.sonarsource.sonarqube:sonar-web (Maven) Jun 16, 2024
Vault Enterprise, when configured with performance standby nodes and a configured audit device,... Moderate Unreviewed
CVE-2024-2877 was published Apr 30, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database