Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,653
Erlang
29
GitHub Actions
16
Go
1,706
Maven
4,938
npm
3,471
NuGet
603
pip
2,985
Pub
10
RubyGems
826
Rust
772
Swift
34
Unreviewed advisories
All unreviewed
5,000+

647 advisories

goreleaser shows environment by default Moderate
GHSA-f6mm-5fc7-3g3c was published for github.com/goreleaser/goreleaser (Go) May 15, 2024
xrstf xmudrii
caarlos0
source-controller leaks Azure Storage SAS token into logs Moderate
CVE-2024-31216 was published for github.com/fluxcd/source-controller (Go) May 15, 2024
azure-file-csi-driver leaks service account tokens in the logs Moderate
CVE-2024-3744 was published for sigs.k8s.io/azurefile-csi-driver (Go) May 15, 2024
Insertion of Sensitive Information into Log File vulnerability in Ghost Foundation Ghost.This... High Unreviewed
CVE-2024-34559 was published May 14, 2024
Insertion of Sensitive Information into Log File vulnerability in AlexaCRM Dynamics 365... Moderate Unreviewed
CVE-2024-34550 was published May 14, 2024
@valtimo/components exposes access token to form.io Critical
CVE-2024-34706 was published for @valtimo/components (npm) May 13, 2024
matrix-sdk-crypto contains a log exposure of private key of the server-side key backup Moderate
CVE-2024-34353 was published for matrix-sdk-crypto (Rust) May 13, 2024
IBM Watson CP4D Data Stores 4.0.0 through 4.8.4 stores potentially sensitive information in log... Moderate Unreviewed
CVE-2023-40694 was published May 7, 2024
A highly privileged account can overwrite arbitrary files on the system with log output. The log... Moderate Unreviewed
CVE-2024-28072 was published May 3, 2024
Insertion of Sensitive Information into Log File vulnerability in Jordy Meow WP Media Cleaner... Moderate Unreviewed
CVE-2024-33922 was published May 2, 2024
Vault Enterprise, when configured with performance standby nodes and a configured audit device,... Moderate Unreviewed
CVE-2024-2877 was published Apr 30, 2024
Insertion of Sensitive Information into Log File vulnerability in Solid Plugins Solid Affiliate... High Unreviewed
CVE-2024-33637 was published Apr 29, 2024
Jberet: jberet-core logging database credentials Moderate
CVE-2024-1102 was published for org.jberet:jberet-core (Maven) Apr 25, 2024
Sensitive Information leak via Log File in Kubernetes Moderate
CVE-2020-8563 was published for github.com/kubernetes/kubernetes (Go) Apr 24, 2024
Sensitive Information leak via Log File in Kubernetes Moderate
CVE-2020-8566 was published for github.com/kubernetes/kubernetes (Go) Apr 24, 2024
Insertion of Sensitive Information into Log File vulnerability in Very Good Plugins WP Fusion... Moderate Unreviewed
CVE-2024-32796 was published Apr 24, 2024
Insertion of Sensitive Information into Log File vulnerability in Patrick Posner Simply Static... High Unreviewed
CVE-2024-32825 was published Apr 24, 2024
Insertion of Sensitive Information into Log File vulnerability in Frédéric GILLES FG Joomla to... Moderate Unreviewed
CVE-2024-32788 was published Apr 24, 2024
Insertion of Sensitive Information into Log File vulnerability in Newsletters.This issue affects... High Unreviewed
CVE-2024-32953 was published Apr 24, 2024
Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center... Moderate Unreviewed
CVE-2023-6833 was published Apr 23, 2024
IBM Aspera Faspex 5.0.0 through 5.0.7 stores potentially sensitive information in log files that... Moderate Unreviewed
CVE-2023-22869 was published Apr 19, 2024
A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints Brocade Fabric OS switch... High Unreviewed
CVE-2024-29959 was published Apr 19, 2024
When Brocade SANnav before v2.3.1 and v2.3.0a servers are configured in Disaster Recovery mode,... High Unreviewed
CVE-2024-29957 was published Apr 19, 2024
A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints the encryption key in the... High Unreviewed
CVE-2024-29958 was published Apr 19, 2024
Insertion of Sensitive Information into Log File vulnerability in Inisev Backup Migration.This... Moderate Unreviewed
CVE-2024-32686 was published Apr 18, 2024
ProTip! Advisories are also available from the GraphQL API