Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,198
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

20,562 advisories

Loading
Missing permission check in Jenkins Avatar Plugin Moderate
CVE-2019-10377 was published for net.hurstfrost.jenkins:avatar (Maven) May 24, 2022
Jenkins Gitlab Authentication Plugin Open Redirect vulnerability Moderate
CVE-2019-10372 was published for org.jenkins-ci.plugins:gitlab-oauth (Maven) May 24, 2022
Insertion of Sensitive Information into Log File in Jenkins Mask Passwords Plugin Moderate
CVE-2019-10370 was published for org.jenkins-ci.plugins:mask-passwords (Maven) May 24, 2022
Jenkins PegDown Formatter Plugin has Cross-site Scripting vulnerability Moderate
CVE-2019-10374 was published for org.jenkins-ci.plugins:pegdown-formatter (Maven) May 24, 2022
secjoker
Jenkins Gitlab Authentication Plugin vulnerable to Session Fixation High
CVE-2019-10371 was published for org.jenkins-ci.plugins:gitlab-oauth (Maven) May 24, 2022
Jenkins Codefresh Integration Plugin Improper Certificate Validation vulnerability Moderate
CVE-2019-10381 was published for org.jenkins-ci.plugins:codefresh (Maven) May 24, 2022
Jenkins Wall Display Plugin Cross-site Scripting vulnerability Moderate
CVE-2019-10376 was published for org.jenkins-ci.plugins:jenkinswalldisplay (Maven) May 24, 2022
Insertion of Sensitive Information into Log File in Jenkins Configuration as Code Plugin Moderate
CVE-2019-10367 was published for io.jenkins:configuration-as-code (Maven) May 24, 2022
PHP JOSE Library by Gree Inc. Uses a Broken or Risky Cryptographic Algorithm High
CVE-2016-5431 was published for gree/jose (Composer) May 24, 2022
TeamPass Cross-site Scripting (XSS) Moderate
CVE-2019-12950 was published for nilsteampassnet/teampass (Composer) May 24, 2022
Magento 2 Community Edition Information Leak High
CVE-2019-7951 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition Access Control Bypass High
CVE-2019-7950 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition CSRF vulnerability Moderate
CVE-2019-7947 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition XSS Vulnerability Moderate
CVE-2019-7938 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition XSS Vulnerability Moderate
CVE-2019-7935 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition RCE Vulnerability High
CVE-2019-7932 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Unrestricted File Upload High
CVE-2019-7930 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition XSS Vulnerability Moderate
CVE-2019-7936 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition XSS Vulnerability Moderate
CVE-2019-7937 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition XSS Vulnerability Moderate
CVE-2019-7944 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition XSS Vulnerability Moderate
CVE-2019-7945 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition Cross-site Scripting Vulnerability Moderate
CVE-2019-7940 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition RCE High
CVE-2019-7942 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition XSS Vulnerability Moderate
CVE-2019-7934 was published for magento/community-edition (Composer) May 24, 2022
Magento Reflected cross-site scripting on customer cart page Moderate
CVE-2019-7939 was published for magento/community-edition (Composer) May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database