Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

110 advisories

Loading
An Unprotected Storage of Credentials vulnerability in the identity and access management... Moderate Unreviewed
CVE-2019-0072 was published May 24, 2022
DingTalk Plugin stores credentials in plain text Low
CVE-2019-10433 was published for io.jenkins.plugins:dingding-notifications (Maven) May 24, 2022
Jenkins LDAP Email Plugin shows plain text password in configuration form Low
CVE-2019-10434 was published for com.mtvi.plateng.hudson:ldapemail (Maven) May 24, 2022
Plaintext Storage of a Password in Jenkins Configuration as Code Plugin Moderate
CVE-2019-10345 was published for io.jenkins:configuration-as-code (Maven) May 24, 2022
A vulnerability has been identified in LOGO!8 BM (All versions). Unencrypted storage of passwords... High Unreviewed
CVE-2019-10921 was published May 24, 2022
Jenkins jira-ext Plugin stores credentials unencrypted High
CVE-2019-10302 was published for org.jenkins-ci.plugins:jira-ext (Maven) May 24, 2022
Plaintext storage in Jenkins instant-messaging Plugin Moderate
CVE-2022-28135 was published for org.jvnet.hudson.plugins:instant-messaging (Maven) Mar 30, 2022
NotMyFault
Personal tokens stored in plain text by Jenkins incapptic connect uploader Plugin Moderate
CVE-2022-27218 was published for com.incapptic.plugins:incapptic-connect-uploader (Maven) Mar 16, 2022
NotMyFault
Dell EMC Avamar Server version 19.4 contains a plain-text password storage vulnerability in... Moderate Unreviewed
CVE-2021-36317 was published Dec 22, 2021
Storing Password in Local Storage Moderate
GHSA-wvh7-5p38-2qfc was published for parse (npm) Jul 23, 2020
dplewis pocketcolin
ProTip! Advisories are also available from the GraphQL API