GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,094
Erlang
29
GitHub Actions
19
Go
1,920
Maven
5,000+
npm
3,648
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+
286 advisories
Filter by severity
Sensitive information could be displayed when a detailed technical error message is posted. This...
Moderate
Unreviewed
CVE-2021-35251
was published
Mar 11, 2022
An information disclosure in web interface in D-Link DIR-X1860 before 1.03 RevA1 allows a remote...
Moderate
Unreviewed
CVE-2021-46353
was published
Mar 5, 2022
Ansible discloses sensitive information in traceback error message
Moderate
CVE-2021-3620
was published
for
ansible
(pip)
Mar 4, 2022
A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support....
Moderate
Unreviewed
CVE-2022-0563
was published
Feb 22, 2022
Generation of Error Message Containing Sensitive Information in microweber
High
CVE-2022-0660
was published
for
microweber/microweber
(Composer)
Feb 19, 2022
Generation of Error Message Containing Sensitive Information in Snipe-IT
Moderate
CVE-2022-0622
was published
for
snipe/snipe-it
(Composer)
Feb 18, 2022
A remote code execution vulnerability affecting a Valmet DNA service listening on TCP port 1517,...
High
Unreviewed
CVE-2021-26726
was published
Feb 17, 2022
Generation of Error Message Containing Sensitive Information in postgresql
Moderate
Unreviewed
CVE-2021-3393
was published
Feb 15, 2022
Wildfly logs plaintext passwords
Moderate
CVE-2020-25640
was published
for
org.wildfly:wildfly-parent
(Maven)
Feb 15, 2022
Generation of Error Message Containing Sensitive Information in Keycloak
Low
CVE-2020-1717
was published
for
org.keycloak:keycloak-parent
(Maven)
Feb 9, 2022
Generation of Error Message Containing Sensitive Information in microweber
Moderate
CVE-2022-0504
was published
for
microweber/microweber
(Composer)
Feb 9, 2022
Hitachi Energy LinkOne product, has a vulnerability due to a web server misconfiguration, that...
Moderate
Unreviewed
CVE-2021-40338
was published
Jan 29, 2022
User enumeration in livehelperchat
Moderate
CVE-2022-0083
was published
for
remdex/livehelperchat
(Composer)
Jan 21, 2022
A Generation of Error Message Containing Sensitive Information vulnerability in the CLI of...
High
Unreviewed
CVE-2022-22162
was published
Jan 20, 2022
IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 could allow a remote attacker to obtain...
Moderate
Unreviewed
CVE-2021-38894
was published
Jan 11, 2022
showdoc is vulnerable to Generation of Error Message Containing Sensitive Information
Moderate
CVE-2022-0079
was published
for
showdoc/showdoc
(Composer)
Jan 6, 2022
livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information
Moderate
Unreviewed
CVE-2021-4177
was published
Dec 29, 2021
An issue was discovered in /goform/login_process in Reprise RLM 14.2. When an attacker attempts...
Moderate
Unreviewed
CVE-2021-44155
was published
Dec 14, 2021
Using XMLHttpRequest, an attacker could have identified installed applications by probing error...
Moderate
Unreviewed
CVE-2021-43542
was published
Dec 9, 2021
IBM Tivoli Key Lifecycle Manager (IBM Security Guardium Key Lifecycle Manager) 3.0, 3.0.1, 4.0,...
Moderate
Unreviewed
CVE-2021-38980
was published
Nov 24, 2021
Exposure of Sensitive Information to an Unauthorized Actor
Moderate
CVE-2021-32712
was published
for
shopware/shopware
(Composer)
Sep 8, 2021
Generation of Error Message Containing Sensitive Information in RESTEasy client
Moderate
CVE-2020-25633
was published
for
org.jboss.resteasy:resteasy-client
(Maven)
Jun 3, 2021
Information leakage in Error Handler
Moderate
GHSA-9vxv-wpv4-f52p
was published
for
shopware/shopware
(Composer)
May 21, 2021
Action Pack contains Information Disclosure / Unintended Method Execution vulnerability
High
CVE-2021-22885
was published
for
actionpack
(RubyGems)
May 5, 2021
Exposure of class information in RESTEasy
Moderate
CVE-2021-20289
was published
for
org.jboss.resteasy:resteasy-core
(Maven)
Apr 7, 2021
ProTip!
Advisories are also available from the
GraphQL API