GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+
92 advisories
Filter by severity
Credentials stored in plain text by Zephyr Enterprise Test Management Plugin
Low
CVE-2020-2145
was published
for
org.jenkins-ci.plugins:zephyr-enterprise-test-management
(Maven)
May 24, 2022
Token stored in plain text by DigitalOcean Plugin
Low
CVE-2020-2126
was published
for
com.dubture.jenkins:digitalocean-plugin
(Maven)
May 24, 2022
Credential stored in plain text by BMC Release Package and Deployment Plugin
Low
CVE-2020-2127
was published
for
RPD:bmc-rpd
(Maven)
May 24, 2022
Credentials stored in plain text by debian-package-builder Plugin
Low
CVE-2020-2125
was published
for
ru.yandex.jenkins.plugins.debuilder:debian-package-builder
(Maven)
May 24, 2022
Jenkins S3 Publisher Plugin transmits credentials in plain text during configuration
Low
CVE-2020-2114
was published
for
org.jenkins-ci.plugins:s3
(Maven)
May 24, 2022
Client secret transmitted in plain text by Azure AD Plugin
Low
CVE-2020-2119
was published
for
org.jenkins-ci.plugins:azure-ad
(Maven)
May 24, 2022
In cloud-init through 19.4, rand_user_password in cloudinit/config/cc_set_passwords.py has a...
Low
Unreviewed
CVE-2020-8632
was published
May 24, 2022
In CloudVision Portal (CVP) for all releases in the 2018.2 Train, under certain conditions, the...
Low
Unreviewed
CVE-2019-18615
was published
May 24, 2022
A logic issue was addressed with improved state management. This issue is fixed in macOS Mojave...
Low
Unreviewed
CVE-2019-8522
was published
May 24, 2022
Jenkins Weibo Plugin stores credentials unencrypted in its global configuration file
Low
CVE-2019-16572
was published
for
org.jenkins-ci.plugins:weibo
(Maven)
May 24, 2022
Jenkins elOyente Plugin has Insufficiently Protected Credentials
Low
CVE-2019-10424
was published
for
com.technicolor:elOyente
(Maven)
May 24, 2022
Jenkins Assembla Plugin has Insufficiently Protected Credentials
Low
CVE-2019-10420
was published
for
org.jenkins-ci.plugins:assembla
(Maven)
May 24, 2022
Jenkins CodeScan Plugin has Insufficiently Protected Credentials
Low
CVE-2019-10423
was published
for
com.villagechief.codescan.jenkins:codescan
(Maven)
May 24, 2022
Jenkins vFabric Application Director Plugin Insufficiently Protected Credentials
Low
CVE-2019-10419
was published
for
org.jenkins-ci.plugins:application-director-plugin
(Maven)
May 24, 2022
Jenkins Beaker Builder Plugin has Insufficiently Protected Credentials
Low
CVE-2019-10398
was published
for
org.jenkins-ci.plugins:beaker-builder
(Maven)
May 24, 2022
Jenkins TestLink Plugin stores credentials in plain text
Low
CVE-2019-10378
was published
for
org.jenkins-ci.plugins:testlink
(Maven)
May 24, 2022
Jenkins Maven Release Plug-in Plugin stored credentials in plain text
Low
CVE-2019-10361
was published
for
org.jenkins-ci.plugins.m2release:m2release
(Maven)
May 24, 2022
Insufficient password protection in the attestation database for Open CIT may allow an...
Low
Unreviewed
CVE-2019-0183
was published
May 24, 2022
Insufficient password protection in the attestation database for Open CIT may allow an...
Low
Unreviewed
CVE-2019-0182
was published
May 24, 2022
Insufficient password protection in the attestation database for Open CIT may allow an...
Low
Unreviewed
CVE-2019-0178
was published
May 24, 2022
Jenkins Azure AD Plugin stored the client secret unencrypted
Low
CVE-2019-10318
was published
for
org.jenkins-ci.plugins:azure-ad
(Maven)
May 24, 2022
Jenkins Twitter Plugin stores credentials in plain text
Low
CVE-2019-10313
was published
for
org.jenkins-ci.plugins:twitter
(Maven)
May 24, 2022
Jenkins Aqua MicroScanner Plugin stored credentials in plain text
Low
CVE-2019-10316
was published
for
org.jenkins-ci.plugins:aqua-microscanner
(Maven)
May 24, 2022
Jenkins Azure PublisherSettings Credentials Plugin stored credentials in plain text
Low
CVE-2019-10303
was published
for
org.jenkins-ci.plugins:azure-publishersettings-credentials
(Maven)
May 24, 2022
python-keystoneclient vulnerable to context confusion in Keystone auth_token middleware
Low
CVE-2014-0105
was published
for
python-keystoneclient
(pip)
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API