Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,086
Maven
5,000+
npm
3,747
NuGet
674
pip
3,436
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

166 advisories

Loading
The login_to_simulator method in Linden Lab Second Life, as used by the secondlife:// protocol... Moderate Unreviewed
CVE-2007-4961 was published May 1, 2022
LedgerSMB does not set the 'Secure' attribute on the session authorization cookie when the client... Moderate Unreviewed
CVE-2021-3882 was published May 24, 2022
Jenkins Fabric-beta-publisher Plugin stores credentials in plain text Moderate
CVE-2019-1003088 was published for egor-n:fabric-beta-publisher (Maven) May 13, 2022
Jenkins Perfecto Mobile Plugin stores credentials in plain text Moderate
CVE-2019-1003095 was published for org.jenkins-ci.plugins:perfectomobile (Maven) May 13, 2022
Jenkins Open STF Plugin stores credentials in plain text Moderate
CVE-2019-1003094 was published for org.jenkins-ci.plugins:open-stf (Maven) May 13, 2022
Missing encryption in the RFID tags of the Hozard alarm system (Alarmsysteem) v1.0 allow... Moderate Unreviewed
CVE-2023-50126 was published Jan 11, 2024
Missing encryption in the NFC tags of the Flient Smart Door Lock v1.0 allows attackers to create... Moderate Unreviewed
CVE-2023-50129 was published Jan 11, 2024
When saving HSTS data to an excessively long file name, curl could end up removing all contents,... Moderate Unreviewed
CVE-2023-46219 was published Dec 12, 2023
IBM Security Access Manager Appliance (IBM Security Verify Access Appliance 10.0.0.0 through 10.0... Moderate Unreviewed
CVE-2023-38267 was published Jan 11, 2024
Jenkins Upload to pgyer Plugin stores credentials in plain text Moderate
CVE-2019-1003089 was published for ren.helloworld:upload-pgyer (Maven) May 13, 2022
Jenkins Active Directory Plugin vulnerable to Active Directory credential disclosure Moderate
CVE-2023-37943 was published for org.jenkins-ci.plugins:active-directory (Maven) Jul 12, 2023
Jenkins Ansible Plugin stores and displays secrets in plain text Moderate
CVE-2023-32982 was published for org.jenkins-ci.plugins:ansible (Maven) May 16, 2023
If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted.... Moderate Unreviewed
CVE-2020-12801 was published May 24, 2022
Jenkins CloudFormation Plugin stores credentials in plain text Moderate
CVE-2019-1003061 was published for org.jenkins-ci.plugins:jenkins-cloudformation-plugin (Maven) May 13, 2022
Cleartext Transmission of Sensitive Information in Jenkins Configuration as Code Plugin Moderate
CVE-2019-10363 was published for io.jenkins:configuration-as-code (Maven) May 24, 2022
IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of... Moderate Unreviewed
CVE-2023-42019 was published Dec 1, 2023
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated,... Moderate Unreviewed
CVE-2023-37858 was published Aug 9, 2023
Meross Smart Wi-Fi 2 Way Wall Switch (MSS550X), on its 3.1.3 version and before, creates an open... Moderate Unreviewed
CVE-2021-3774 was published May 24, 2022
The SolarWinds Network Configuration Manager was susceptible to the Exposure of Sensitive... Moderate Unreviewed
CVE-2023-33228 was published Nov 1, 2023
Jenkins VS Team Services Continuous Deployment Plugin stores credentials in plain text Moderate
CVE-2019-1003073 was published for org.jenkins-ci.plugins:vsts-cd (Maven) May 13, 2022
The application was vulnerable to an authenticated information disclosure, allowing... Moderate Unreviewed
CVE-2022-40295 was published Nov 1, 2022
Passwords stored in plain text by Jenkins ReadyAPI Functional Testing Plugin Moderate
CVE-2020-2250 was published for org.jenkins-ci.plugins:soapui-pro-functional-testing (Maven) May 24, 2022
NotMyFault
Jenkins wildFly Deployer Plugin stores credentials in plain text Moderate
CVE-2019-1003072 was published for org.jenkins-ci.plugins:wildfly-deployer (Maven) May 13, 2022
Jenkins Trac Publisher Plugin stores credentials in plain text Moderate
CVE-2019-1003067 was published for org.jenkins-ci.plugins:trac-publisher-plugin (Maven) May 13, 2022
Jenkins VMware vRealize Automation Plugin Missing Encryption of Sensitive Data Moderate
CVE-2019-1003068 was published for com.inkysea.vmware.vra:vmware-vrealize-automation-plugin (Maven) May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database