GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,436
Maven
5,000+
npm
5,000+
NuGet
883
pip
4,694
Pub
13
RubyGems
1,029
Rust
1,212
Swift
53
Unreviewed advisories
All unreviewed
5,000+
1,287 advisories
Filter by severity
Jenkins DeployHub Plugin stores credentials in plain text
Moderate
CVE-2019-10286
was published
for
com.openmake:deployhub
(Maven)
May 13, 2022
Jenkins Diawi Upload Plugin stores credentials in plain text
Moderate
CVE-2019-10284
was published
for
org.jenkins-ci.plugins:diawi-upload
(Maven)
May 13, 2022
Jenkins mabl Plugin stores credentials in plain text
Moderate
CVE-2019-10283
was published
for
com.mabl.integration.jenkins:mabl-integration
(Maven)
May 13, 2022
Jenkins Minio Storage Plugin stores credentials in plain text
Low
CVE-2019-10285
was published
for
org.jenkins-ci.plugins:minio-storage
(Maven)
May 13, 2022
Jenkins Netsparker Enterprise Scan Plugin stored credentials in plain text
Low
CVE-2019-10291
was published
for
org.jenkins-ci.plugins:netsparker-cloud-scan
(Maven)
May 13, 2022
Jenkins Sametime Plugin stores credentials in plain text
Low
CVE-2019-10297
was published
for
org.jenkins-ci.plugins:sametime
(Maven)
May 13, 2022
Jenkins CloudCoreo DeployTime Plugin stores credentials in plain text
Low
CVE-2019-10299
was published
for
com.cloudcoreo.plugins:cloudcoreo-deploytime
(Maven)
May 13, 2022
Jenkins Koji Plugin stores credentials in plain text
Low
CVE-2019-10298
was published
for
org.jenkins-ci.plugins:koji
(Maven)
May 13, 2022
Jenkins StarTeam Plugin stores credentials in plain text
High
CVE-2019-10277
was published
for
hudson.plugins:starteam
(Maven)
May 13, 2022
Jenkins Klaros-Testmanagement Plugin stores credentials in plain text
Moderate
CVE-2019-10282
was published
for
hudson.plugins.klaros:klaros-testmanagement
(Maven)
May 13, 2022
Jenkins Kmap Plugin stores credentials in plain text
High
CVE-2019-10294
was published
for
org.jenkins-ci.plugins:kmap-jenkins
(Maven)
May 13, 2022
Jenkins Serena SRA Deploy Plugin stores credentials in plain text
Low
CVE-2019-10296
was published
for
com.urbancode.ds.jenkins.plugins:sra-deploy
(Maven)
May 13, 2022
Jenkins crittercism-dsym Plugin stores API key in plain text
Moderate
CVE-2019-10295
was published
for
org.jenkins-ci.plugins:crittercism-dsym
(Maven)
May 13, 2022
Jenkins Relution Enterprise Appstore Publisher Plugin stores credentials in plain text
Low
CVE-2019-10281
was published
for
org.jenkins-ci.plugins:relution-publisher
(Maven)
May 13, 2022
Jenkins Assembla Auth Plugin stores credentials in plain text
High
CVE-2019-10280
was published
for
org.jenkins-ci.plugins:assembla-auth
(Maven)
May 13, 2022
An attacker could retrieve plain-text credentials stored in a XML file on PR100088 Modbus gateway...
High
Unreviewed
CVE-2019-6549
was published
May 13, 2022
Users with Site-level permissions can access files containing the username-encrypted passwords of...
Moderate
Unreviewed
CVE-2019-5615
was published
May 13, 2022
Cloud Foundry CredHub CLI, versions prior to 2.2.1, inadvertently writes authentication...
High
Unreviewed
CVE-2019-3782
was published
May 13, 2022
Cloud Foundry Container Runtime, versions prior to 0.28.0, deploys K8s worker nodes that contains...
High
Unreviewed
CVE-2019-3780
was published
May 13, 2022
Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) and the IM & Presence Service...
Low
Unreviewed
CVE-2013-4869
was published
May 13, 2022
In Puppet Discovery prior to 1.2.0, when running Discovery against Windows hosts, WinRM...
Critical
Unreviewed
CVE-2018-11746
was published
May 13, 2022
When "set system ports console insecure" is enabled, root login is disallowed for Junos OS as...
High
Unreviewed
CVE-2019-0035
was published
May 13, 2022
In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the user's password is kept in a session...
High
Unreviewed
CVE-2018-20781
was published
May 13, 2022
register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 allows remote attackers to...
High
Unreviewed
CVE-2017-9557
was published
May 13, 2022
Certain HP Access Controller, Fabric Module, Firewall, Router, Switch, and UTM Appliance products...
Low
Unreviewed
CVE-2012-3268
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API