Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

91 advisories

Loading
TYPO3 Information Disclosure via Exception Handling/Logger Low
CVE-2024-55891 was published for typo3/cms-install (Composer) Jan 14, 2025
ohader
User credentials (login & password) are inserted into log files when a user tries to authenticate... Low Unreviewed
CVE-2024-12057 was published Dec 9, 2024
@workos-inc/authkit-nextjs refresh tokens are logged when the debug flag is enabled Low
CVE-2024-51752 was published for @workos-inc/authkit-nextjs (npm) Nov 5, 2024
@workos-inc/authkit-remix refresh tokens are logged when the debug flag is enabled Low
CVE-2024-51753 was published for @workos-inc/authkit-remix (npm) Nov 5, 2024
A privacy issue was addressed by not logging contents of text fields. This issue is fixed in... Low Unreviewed
CVE-2024-23242 was published Mar 8, 2024
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Low Unreviewed
CVE-2024-27849 was published Oct 28, 2024
A vulnerability was found in code-projects Dormitory Management System 1.0. It has been rated as... Low Unreviewed
CVE-2024-0472 was published Jan 13, 2024
A vulnerability classified as problematic has been found in Beijing Baichuo Smart S150 Management... Low Unreviewed
CVE-2024-0716 was published Jan 19, 2024
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Low Unreviewed
CVE-2024-40791 was published Sep 17, 2024
The com.cascadialabs.who (aka Who - Caller ID, Spam Block) application 15.0 for Android places... Low Unreviewed
CVE-2024-40096 was published Aug 5, 2024
Sensitive data exposure in Webconf in Tribe29 Checkmk Appliance before 1.6.8 allows local... Low Unreviewed
CVE-2023-6287 was published Nov 27, 2023
Steeltoe Leaks Basic Auth Credentials to Logs After Fetch Registry Error Low
CVE-2024-40636 was published for Steeltoe.Discovery.ClientAutofac (NuGet) Jul 17, 2024
Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p7, <2... Low Unreviewed
CVE-2024-28830 was published Jun 26, 2024
Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a... Low Unreviewed
CVE-2024-29177 was published Jun 26, 2024
Slack integration leaks sensitive information in logs Low
CVE-2024-35196 was published for sentry (pip) Jun 2, 2024
asottile asottile-sentry
Fides Webserver Logs Hosted Database Password Partial Exposure Vulnerability Low
CVE-2024-34715 was published for ethyca-fides (pip) May 29, 2024
tariqajyusuf pattisdr
Insertion of Sensitive Information into Log File vulnerability in WebToffee WordPress Backup &... Low Unreviewed
CVE-2024-31254 was published Apr 10, 2024
An issue was discovered in Plixer Scrutinizer before 19.3.1. It exposes debug logs to... Low Unreviewed
CVE-2023-41263 was published Oct 13, 2023
An information disclosure issue in Gitlab CE/EE affecting all versions from 13.6 prior to 15.11... Low Unreviewed
CVE-2023-3363 was published Jul 13, 2023
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Low Unreviewed
CVE-2023-23505 was published Jul 6, 2023
An issue was discovered in Faronics Insight 10.0.19045 on Windows. Every keystroke made by any... Low Unreviewed
CVE-2023-28351 was published May 31, 2023
Filebeat versions through 7.17.9 and 8.6.2 have a flaw in httpjson input that allows the http... Low Unreviewed
CVE-2023-31413 was published May 4, 2023
In the proc filesystem, there is a possible information disclosure due to log information... Low Unreviewed
CVE-2019-9277 was published May 24, 2022
In cPanel before 66.0.2, domain log files become readable after log processing (SEC-273). Low Unreviewed
CVE-2017-18423 was published May 24, 2022
cPanel before 67.9999.103 allows Apache HTTP Server log files to become world-readable because of... Low Unreviewed
CVE-2017-18412 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database