GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,176
Erlang
30
GitHub Actions
19
Go
1,982
Maven
5,000+
npm
3,701
NuGet
656
pip
3,323
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+
48 advisories
Filter by severity
A vulnerability was found in master-nan Sweet-CMS up to 5f441e022b8876f07cde709c77b5be6d2f262e3f....
Moderate
Unreviewed
CVE-2024-8334
was published
Aug 30, 2024
A vulnerability was found in kitsada8621 Digital Library Management System 1.0. It has been...
Moderate
Unreviewed
CVE-2024-8297
was published
Aug 29, 2024
Improper output Neutralization for Logs (CWE-117) in the Command Centre API Diagnostics Endpoint...
Low
Unreviewed
CVE-2024-23194
was published
Jul 11, 2024
NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where a user can...
Critical
Unreviewed
CVE-2024-0095
was published
Jun 14, 2024
An issue was discovered in Italtel Embrace 1.6.4. The product does not neutralize or incorrectly...
Moderate
Unreviewed
CVE-2024-31845
was published
May 21, 2024
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 is vulnerable to injection attacks in...
Moderate
Unreviewed
CVE-2023-28952
was published
May 3, 2024
Triangle MicroWorks SCADA Data Gateway Event Log Improper Output Neutralization For Logs...
Moderate
Unreviewed
CVE-2023-39461
was published
May 3, 2024
IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.2 is vulnerable to injection...
High
Unreviewed
CVE-2024-25047
was published
May 2, 2024
flask-cors vulnerable to log injection when the log level is set to debug
Moderate
CVE-2024-1681
was published
for
flask-cors
(pip)
Apr 19, 2024
Sentry vulnerable to leaking superuser cleartext password in logs
High
CVE-2024-32474
was published
for
sentry
(pip)
Apr 18, 2024
Keycloak vulnerable to log Injection during WebAuthn authentication or registration
Moderate
CVE-2023-6484
was published
for
org.keycloak:keycloak-services
(Maven)
Apr 17, 2024
IBM App Connect Enterprise 11.0.0.1 through 11.0.0.23, 12.0.1.0 through 12.0.9.0 and IBM...
Moderate
Unreviewed
CVE-2024-22356
was published
Mar 26, 2024
Potential log injection in reset user endpoint in CKAN
Moderate
CVE-2024-27097
was published
for
ckan
(pip)
Mar 13, 2024
Ansible-core information disclosure flaw
Moderate
CVE-2024-0690
was published
for
ansible-core
(pip)
Feb 6, 2024
IBM SOAR QRadar Plugin App 1.0 through 5.0.3 could allow an authenticated user to manipulate...
Moderate
Unreviewed
CVE-2023-38020
was published
Feb 2, 2024
A vulnerability classified as critical has been found in Sichuan Yougou Technology KuERP up to 1...
Moderate
Unreviewed
CVE-2024-0987
was published
Jan 29, 2024
Dell Unity, versions prior to 5.4, contain a vulnerability whereby log messages can be spoofed...
Low
Unreviewed
CVE-2024-22229
was published
Jan 24, 2024
OPCUAServerToolkit will write a log message once an OPC UA client has successfully connected...
Moderate
Unreviewed
CVE-2023-7234
was published
Jan 16, 2024
An improper output neutralization for logs in Fortinet FortiWeb 6.2.0 - 6.2.8, 6.3.0 - 6.3.23, 7...
Moderate
Unreviewed
CVE-2023-46713
was published
Dec 13, 2023
YugabyteDB is vulnerable to cross site scripting (XSS) via log injection. Writing invalidated...
High
Unreviewed
CVE-2023-6002
was published
Nov 8, 2023
iTermSessionLauncher.m in iTerm2 before 3.5.0beta12 does not sanitize paths in x-man-page URLs....
Critical
Unreviewed
CVE-2023-46321
was published
Oct 23, 2023
iTermSessionLauncher.m in iTerm2 before 3.5.0beta12 does not sanitize ssh hostnames in URLs. The...
Critical
Unreviewed
CVE-2023-46322
was published
Oct 23, 2023
A flaw was found in Red Hat AMQ Broker Operator, where it displayed a password defined in...
Moderate
Unreviewed
CVE-2023-4065
was published
Sep 27, 2023
In Splunk IT Service Intelligence (ITSI) versions below 4.13.3 or 4.15.3, a malicious actor can...
High
Unreviewed
CVE-2023-4571
was published
Aug 30, 2023
Splunk SOAR versions 6.0.2 and earlier are indirectly affected by a potential vulnerability...
High
Unreviewed
CVE-2023-3997
was published
Jul 31, 2023
ProTip!
Advisories are also available from the
GraphQL API