GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
563 advisories
Filter by severity
In affected versions of Octopus Server it is possible for the OpenID client secret to be logged...
Moderate
Unreviewed
CVE-2023-1904
was published
Dec 14, 2023
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.5 prior to 17.1.7...
Moderate
Unreviewed
CVE-2024-4472
was published
Sep 12, 2024
A vulnerability identified in OpenText™
Identity Manager AzureAD Driver that allows logging of...
Moderate
Unreviewed
CVE-2021-22518
was published
Sep 12, 2024
Possible Insertion of Sensitive Information into Log File Vulnerability
in Identity Manager has...
Moderate
Unreviewed
CVE-2022-26322
was published
Sep 12, 2024
Possible Insertion of Sensitive Information into Log File Vulnerability
in eDirectory has been...
Moderate
Unreviewed
CVE-2021-22533
was published
Sep 12, 2024
A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 SP2)....
Moderate
Unreviewed
CVE-2024-42344
was published
Sep 10, 2024
A vulnerability has been identified in SINUMERIK 828D V4 (All versions < V4.95 SP3), SINUMERIK...
Moderate
Unreviewed
CVE-2024-43781
was published
Sep 10, 2024
An issue discovered in Unisys Stealth 5.3.062.0 allows attackers to view sensitive information...
High
Unreviewed
CVE-2024-23758
was published
Feb 21, 2024
A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker...
High
Unreviewed
CVE-2024-20440
was published
Sep 4, 2024
The com.cascadialabs.who (aka Who - Caller ID, Spam Block) application 15.0 for Android places...
Low
Unreviewed
CVE-2024-40096
was published
Aug 5, 2024
Insertion of Sensitive Information into Log Files in M-Files Server in M-Files before 22.10.11846...
High
Unreviewed
CVE-2022-4858
was published
Dec 30, 2022
Retool (self-hosted enterprise) through 3.40.0 inserts resource authentication credentials into...
Moderate
Unreviewed
CVE-2024-42056
was published
Aug 22, 2024
Sensitive data exposure in Webconf in Tribe29 Checkmk Appliance before 1.6.8 allows local...
Low
Unreviewed
CVE-2023-6287
was published
Nov 27, 2023
Passwords of agents and customers are displayed in plain text in the OTRS admin log module if...
High
Unreviewed
CVE-2024-43444
was published
Aug 26, 2024
spaces_plugin/app.py in SolidUI 0.4.0 has an unnecessary print statement for an OpenAI key. The...
High
Unreviewed
CVE-2024-34527
was published
May 6, 2024
Vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355...
Moderate
Unreviewed
CVE-2022-25477
was published
Jul 2, 2024
When generating QKView of BIG-IP Next instance from the BIG-IP Next Central Manager (CM), F5...
Moderate
Unreviewed
CVE-2024-41719
was published
Aug 14, 2024
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All...
High
Unreviewed
CVE-2024-41978
was published
Aug 13, 2024
An issue was discovered whereby Elastic Agent will leak secrets from the agent policy elastic...
Moderate
Unreviewed
CVE-2024-37283
was published
Aug 12, 2024
Information exposure in the logging system in Yugabyte Platform allows local attackers with...
Moderate
Unreviewed
CVE-2024-0006
was published
Jul 19, 2024
A problem with the Palo Alto Networks GlobalProtect app can result in exposure of encrypted user...
Moderate
Unreviewed
CVE-2024-5908
was published
Jun 12, 2024
Under certain circumstances the Microsoft® Internet Information Server (IIS) used to host the C...
High
Unreviewed
CVE-2024-0912
was published
Jun 6, 2024
A vulnerability in a password management API in Brocade Fabric OS versions before v9.2.1, v9.2.0b...
Moderate
Unreviewed
CVE-2024-29954
was published
Jun 26, 2024
IBM Business Automation Workflow 22.0.2, 23.0.1, 23.0.2, and 24.0.0 stores potentially sensitive...
Moderate
Unreviewed
CVE-2024-38321
was published
Aug 3, 2024
A vulnerability in Cato Networks SDP Client on Windows allows the insertion of sensitive...
Moderate
Unreviewed
CVE-2024-6977
was published
Jul 31, 2024
ProTip!
Advisories are also available from the
GraphQL API