Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

20,614 advisories

Loading
Jenkins vFabric Application Director Plugin Insufficiently Protected Credentials Low
CVE-2019-10419 was published for org.jenkins-ci.plugins:application-director-plugin (Maven) May 24, 2022
Jenkins Azure Event Grid Build Notifier Plugin has Insufficiently Protected Credentials Moderate
CVE-2019-10421 was published for org.jenkins-ci.plugins:azure-event-grid-notifier (Maven) May 24, 2022
Jenkins CodeScan Plugin has Insufficiently Protected Credentials Low
CVE-2019-10423 was published for com.villagechief.codescan.jenkins:codescan (Maven) May 24, 2022
Jenkins Inedo ProGet Plugin Plugin has Cleartext Transmission of Sensitive Information Low
CVE-2019-10412 was published for com.inedo.proget:inedo-proget (Maven) May 24, 2022
Missing permission check in Jenkins Project Inheritance Plugin Moderate
CVE-2019-10409 was published for hudson.plugins:project-inheritance (Maven) May 24, 2022
Jenkins Inedo BuildMaster Plugin showed plain text password in configuration form Low
CVE-2019-10411 was published for com.inedo.proget:inedo-proget (Maven) May 24, 2022
Jenkins Project Inheritance Plugin vulnerable to Cross-Site Request Forgery Moderate
CVE-2019-10408 was published for hudson.plugins:project-inheritance (Maven) May 24, 2022
Jenkins Data Theorem Mobile Security: CI/CD Plugin has Insufficiently Protected Credentials Moderate
CVE-2019-10413 was published for com.datatheorem.mobileappsecurity.jenkins.plugin:datatheorem-mobile-app-security (Maven) May 24, 2022
Jenkins Log Parser Plugin vulnerable to Cross-site Scripting Moderate
CVE-2019-10410 was published for org.jenkins-ci.plugins:log-parser (Maven) May 24, 2022
Yii Framework Code Injection High
CVE-2018-8074 was published for yiisoft/yii2-dev (Composer) May 24, 2022
Joomla! XSS in Default Templates Moderate
CVE-2019-16725 was published for joomla/joomla-cms (Composer) May 24, 2022
Devise Token Auth vulnerable to Cross-site Scripting Moderate
CVE-2019-16751 was published for devise_token_auth (RubyGems) May 24, 2022
Use of Insufficiently Random Values in Apereo CAS High
CVE-2019-10754 was published for org.apereo.cas:cas-server-core-services-api (Maven) May 24, 2022
Cross-site Scripting in Apache JSPWiki Moderate
CVE-2019-12407 was published for org.apache.jspwiki:jspwiki-main (Maven) May 24, 2022
Home Assistant information disclosure vulnerability High
CVE-2018-21019 was published for homeassistant (pip) May 24, 2022
Pagekit User enumeration Moderate
CVE-2019-16669 was published for pagekit/pagekit (Composer) May 24, 2022
Drupal Cross Site Scripting (XSS) vulnerability Moderate
CVE-2019-6341 was published for drupal/core (Composer) May 24, 2022
Use of a weak cryptographic algorithm in Gradle Low
CVE-2019-16370 was published for org.gradle:gradle-core (Maven) May 24, 2022
Pimcore RCE via PHAR upload High
CVE-2019-16317 was published for pimcore/pimcore (Composer) May 24, 2022
Pimcore Unrestricted Upload of File with Dangerous Type High
CVE-2019-16318 was published for pimcore/pimcore (Composer) May 24, 2022
Jenkins Dashboard View Plugin vulnerable to Cross-site Scripting Moderate
CVE-2019-10396 was published for org.jenkins-ci.plugins:dashboard-view (Maven) May 24, 2022
Jenkins Beaker Builder Plugin has Insufficiently Protected Credentials Low
CVE-2019-10398 was published for org.jenkins-ci.plugins:beaker-builder (Maven) May 24, 2022
Sandbox bypass vulnerability in Jenkins Script Security Plugin Moderate
CVE-2019-10400 was published for org.jenkins-ci.plugins:script-security (Maven) May 24, 2022
Sandbox bypass vulnerability in Jenkins Script Security Plugin Moderate
CVE-2019-10394 was published for org.jenkins-ci.plugins:script-security (Maven) May 24, 2022
Sandbox bypass vulnerability in Jenkins Script Security Plugin Moderate
CVE-2019-10399 was published for org.jenkins-ci.plugins:script-security (Maven) May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database