Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

48 advisories

Loading
Log Forging in generator-jhipster-kotlin Moderate
CVE-2020-4072 was published for generator-jhipster-kotlin (npm) Jun 25, 2020
Shopware's log module vulnerable to Improper Output Neutralization Low
CVE-2023-22733 was published for shopware/core (Composer) Jan 20, 2023
Log Injection in Apache Sling Commons Log and Apache Sling API Moderate
CVE-2022-32549 was published for org.apache.sling:org.apache.sling.api (Maven) Jun 23, 2022
The Cognex 3D-A1000 Dimensioning System in firmware version 1.0.3 (3354) and prior is vulnerable... Moderate Unreviewed
CVE-2022-1522 was published Sep 7, 2022
Temporary urls leaked via logging Low
CVE-2017-8761 was published for swift (pip) Jun 8, 2021
A vulnerability classified as problematic has been found in OpenDNS OpenResolve. This affects an... Critical Unreviewed
CVE-2015-10011 was published Jan 3, 2023
Gin's default logger allows unsanitized input that can allow remote attackers to inject arbitrary log lines High
CVE-2020-36567 was published for github.com/gin-gonic/gin (Go) Dec 27, 2022
OpenShift Container Platform 4 does not sanitize secret data written to static pod logs when the... Moderate Unreviewed
CVE-2019-14854 was published May 24, 2022
lldptool version 1.0.1 and older can print a raw, unsanitized attacker controlled buffer when... Moderate Unreviewed
CVE-2018-10932 was published May 13, 2022
Yapscan's report receiver server vulnerable to path traversal and log injection High
GHSA-9h6h-9g78-86f7 was published for github.com/fkie-cad/yapscan (Go) Dec 29, 2022
tdunlap607
A CWE-117: Improper Output Neutralization for Logs vulnerability exists that could cause the... Moderate Unreviewed
CVE-2023-0595 was published Feb 24, 2023
A vulnerability was found in Simple History Plugin. It has been rated as critical. This issue... Critical Unreviewed
CVE-2022-4011 was published Nov 16, 2022
Sensitive Data Exposure in Openshift Container Platform Moderate Unreviewed
CVE-2019-10213 was published May 17, 2021
YugabyteDB is vulnerable to cross site scripting (XSS) via log injection. Writing invalidated... High Unreviewed
CVE-2023-6002 was published Nov 8, 2023
An improper output neutralization for logs in Fortinet FortiWeb 6.2.0 - 6.2.8, 6.3.0 - 6.3.23, 7... Moderate Unreviewed
CVE-2023-46713 was published Dec 13, 2023
Splunk SOAR versions 6.0.2 and earlier are indirectly affected by a potential vulnerability... High Unreviewed
CVE-2023-3997 was published Jul 31, 2023
OPCUAServerToolkit will write a log message once an OPC UA client has successfully connected... Moderate Unreviewed
CVE-2023-7234 was published Jan 16, 2024
Sending specially crafted commands to a MongoDB Server may result in artificial log entries being... Moderate Unreviewed
CVE-2021-20333 was published May 24, 2022
IBM SOAR QRadar Plugin App 1.0 through 5.0.3 could allow an authenticated user to manipulate... Moderate Unreviewed
CVE-2023-38020 was published Feb 2, 2024
Dell Unity, versions prior to 5.4, contain a vulnerability whereby log messages can be spoofed... Low Unreviewed
CVE-2024-22229 was published Jan 24, 2024
A vulnerability classified as critical has been found in Sichuan Yougou Technology KuERP up to 1... Moderate Unreviewed
CVE-2024-0987 was published Jan 29, 2024
In Splunk IT Service Intelligence (ITSI) versions below 4.13.3 or 4.15.3, a malicious actor can... High Unreviewed
CVE-2023-4571 was published Aug 30, 2023
Potential log injection in reset user endpoint in CKAN Moderate
CVE-2024-27097 was published for ckan (pip) Mar 13, 2024
ZuhairORZaki
IBM App Connect Enterprise 11.0.0.1 through 11.0.0.23, 12.0.1.0 through 12.0.9.0 and IBM... Moderate Unreviewed
CVE-2024-22356 was published Mar 26, 2024
A vulnerability exists in a FOXMAN-UN and UNEM logging component, it only affects systems that... Moderate Unreviewed
CVE-2023-1711 was published May 30, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database