GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
159 advisories
Information Exposure in Snyk Broker
High | CVE-2020-7654 was published for snyk-broker (npm) | Jun 3, 2020

Information Exposure in cordova-android
High | CVE-2016-6799 was published for cordova-android (npm) | Sep 11, 2020

Sensitive information disclosure via log in com.bmuschko:gradle-vagrant-plugin
High | CVE-2021-21361 was published for com.bmuschko:gradle-vagrant-plugin (Maven) | Mar 9, 2021

Information Disclosure in HashiCorp Vault
High | CVE-2020-13223 was published for github.com/hashicorp/vault (Go) | May 18, 2021

Sensitive information could be logged. The following products are affected: Acronis Agent ...
High | Unreviewed | CVE-2021-34800 was published | Nov 30, 2021

Wipro Holmes Orchestrator 20.4.1 (20.4.1_02_11_2020) allows remote attackers to read application...
High | Unreviewed | CVE-2021-38283 was published | Nov 30, 2021

Mattermost 6.0.2 and earlier fails to sufficiently sanitize user's password in audit logs when...
High | Unreviewed | CVE-2021-37861 was published | Dec 10, 2021

Insertion of Sensitive Information into Log File in Apache NiFi
High | CVE-2020-1942 was published for org.apache.nifi:nifi-framework-core (Maven) | Jan 6, 2022

Insertion of Sensitive Information into Log File in Apache NiFi Stateless
High | CVE-2020-9486 was published for org.apache.nifi:nifi-stateless (Maven) | Jan 6, 2022

Insertion of Sensitive Information into Log File in Apache Geode
High | CVE-2021-34797 was published for org.apache.geode:geode-core (Maven) | Jan 6, 2022

A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions <...
High | Unreviewed | CVE-2021-45034 was published | Jan 12, 2022

Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain a sensitive information disclosure...
High | Unreviewed | CVE-2021-36289 was published | Jan 27, 2022

HashiCorp Terraform Enterprise before 202202-1 inserts Sensitive Information into a Log File.
High | Unreviewed | CVE-2022-25374 was published | Feb 26, 2022

A flaw was found in KeePass. The vulnerability occurs due to logging the plain text passwords in...
High | Unreviewed | CVE-2022-0725 was published | Mar 11, 2022

Insertion of Sensitive Information into Log File in Jupyter notebook
High | CVE-2022-24757 was published for jupyter-server (pip) | Mar 25, 2022

TPCMS v3.2 allows attackers to access the ThinkPHP log directory and obtain sensitive information...
High | Unreviewed | CVE-2022-27442 was published | Apr 5, 2022

Sensitive Auth & Cookie data stored in Jupyter server logs
High | CVE-2022-24758 was published for notebook (pip) | Apr 5, 2022

An issue was discovered in HTCondor 9.0.x before 9.0.10 and 9.1.x before 9.5.1. An attacker can...
High | Unreviewed | CVE-2021-45103 was published | Apr 7, 2022

Moodle backs up private files
High | CVE-2012-1156 was published for moodle/moodle (Composer) | Apr 23, 2022

Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to read configuration...
High | Unreviewed | CVE-2016-0875 was published | May 13, 2022

Moxa Secure Router EDR-G903 devices before 3.4.12 do not delete copies of configuration and log...
High | Unreviewed | CVE-2016-0879 was published | May 13, 2022

aria2c in aria2 1.33.1, when --log is used, can store an HTTP Basic Authentication username and...
High | Unreviewed | CVE-2019-3500 was published | May 13, 2022

Openstack Octavia allows Insertion of Sensitive Information into Log File
High | CVE-2018-16856 was published for octavia (pip) | May 13, 2022

An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v250 and CAPI...
High | Unreviewed | CVE-2016-9882 was published | May 13, 2022

Micro Focus Solutions Business Manager versions prior to 11.4 might reveal certain sensitive...
High | Unreviewed | CVE-2018-7683 was published | May 13, 2022

ProTip! Advisories are also available from the GraphQL API.