GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
82 advisories
An insertion of sensitive information into log file vulnerability [CWE-532] in FortiSIEM version...
Low | Unreviewed | CVE-2023-45585 was published Nov 14, 2023

A privacy issue was addressed with improved private data redaction for log entries. This issue is...
Low | Unreviewed | CVE-2023-40405 was published Oct 25, 2023

A privacy issue was addressed with improved private data redaction for log entries. This issue is...
Low | Unreviewed | CVE-2023-42857 was published Oct 25, 2023

A vulnerability, which was classified as problematic, has been found in China Unicom TEWA-800G 4...
Low | Unreviewed | CVE-2023-5028 was published Sep 17, 2023

Wagtail vulnerable to disclosure of user names via admin bulk action views
Low | CVE-2023-45809 was published for wagtail (pip) Oct 19, 2023

A privacy issue was addressed with improved private data redaction for log entries. This issue is...
Low | Unreviewed | CVE-2023-40442 was published Sep 12, 2023

A privacy issue was addressed with improved private data redaction for log entries. This issue is...
Low | Unreviewed | CVE-2023-40392 was published Sep 6, 2023

Sensitive Terraform Output Values Printed At Info Logging Level In Kitchen-Terraform
Low | CVE-2023-30618 was published for kitchen-terraform (RubyGems) Apr 24, 2023

A vulnerability was found in rkhunter Rootkit Hunter 1.4.4/1.4.6. It has been classified as...
Low | Unreviewed | CVE-2023-4413 was published Aug 18, 2023

Information Disclosure in go.elastic.co/apm
Low | CVE-2021-22133 was published for go.elastic.co/apm (Go) May 18, 2021

Juiker app stores debug logs which contains sensitive information to mobile external storage. An...
Low | Unreviewed | CVE-2022-39043 was published Mar 27, 2023

Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.220126741...
Low | Unreviewed | CVE-2022-25823 was published Mar 11, 2022

Information Exposure vulnerability in Galaxy S3 Plugin prior to version 2.2.03.22012751 allows...
Low | Unreviewed | CVE-2022-25826 was published Mar 11, 2022

Information Exposure vulnerability in Galaxy Watch3 Plugin prior to version 2.2.09.22012751...
Low | Unreviewed | CVE-2022-25830 was published Mar 11, 2022

Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.22012751 allows...
Low | Unreviewed | CVE-2022-25827 was published Mar 11, 2022

Information Exposure vulnerability in Watch Active Plugin prior to version 2.2.07.22012751 allows...
Low | Unreviewed | CVE-2022-25828 was published Mar 11, 2022

Information Exposure vulnerability in Watch Active2 Plugin prior to version 2.2.08.22012751...
Low | Unreviewed | CVE-2022-25829 was published Mar 11, 2022

Puppet Bolt prior to version 3.24.0 will print sensitive parameters when planning a run resulting...
Low | Unreviewed | CVE-2022-2394 was published Jul 20, 2022

In JetBrains PhpStorm before 2023.1 source code could be logged in the local idea.log file
Low | Unreviewed | CVE-2022-48435 was published Apr 4, 2023

IBM Robotic Process Automation with Automation Anywhere 11 information disclosure could allow a...
Low | Unreviewed | CVE-2019-4296 was published May 24, 2022

The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization (RHEV) Engine 4.0...
Low | Unreviewed | CVE-2016-5432 was published May 17, 2022

In M-Files Server product with versions before 21.11.10775.0, enabling logging of Federated...
Low | Unreviewed | CVE-2021-41808 was published Jan 19, 2022

The LinuxMagic MagicSpam extension before 2.0.14-1 for Plesk allows local users to discover...
Low | Unreviewed | CVE-2018-5693 was published May 14, 2022

Insertion of Sensitive Information into Log in PushRegIdUpdateClient of SReminder prior to 8.2.01...
Low | Unreviewed | CVE-2022-39876 was published Oct 7, 2022

IBM QRadar 7.3 stores potentially sensitive information in log files that could be read by a...
Low | Unreviewed | CVE-2017-1733 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API.