GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
518 advisories
Fortify Plugin stored credentials in plain text
Moderate | CVE-2020-2107 was published for org.jenkins-ci.plugins:fortify (Maven) | May 24, 2022

A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where...
Moderate | Unreviewed | CVE-2019-19696 was published | May 24, 2022

An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. An...
Moderate | Unreviewed | CVE-2019-19857 was published | May 24, 2022

Redgate SQL Change Automation Plugin stored credentials in plain text
Moderate | CVE-2020-2095 was published for com.redgate.plugins.redgatesqlci:redgate-sql-ci (Maven) | May 24, 2022

An issue was discovered on Cayin SMP-PRO4 devices. A user can discover a saved password by...
Moderate | Unreviewed | CVE-2020-6954 was published | May 24, 2022

An information exposure vulnerability in the external authentication profile form of FortiSIEM 5...
Moderate | Unreviewed | CVE-2019-6700 was published | May 24, 2022

USG9500 with software of V500R001C30SPC100; V500R001C30SPC200; V500R001C30SPC600;...
Moderate | Unreviewed | CVE-2020-1871 was published | May 24, 2022

A flaw was found in the way Red Hat Quay stores robot account tokens in plain text. An attacker...
Moderate | Unreviewed | CVE-2019-10205 was published | May 24, 2022

Barco ClickShare Button R9861500D01 devices before 1.9.0 have incorrect Credentials Management....
Moderate | Unreviewed | CVE-2019-18832 was published | May 24, 2022

Jenkins Rundeck Plugin stored credentials in plain text
Moderate | CVE-2019-16556 was published for org.jenkins-ci.plugins:rundeck (Maven) | May 24, 2022

Jenkins Redgate SQL Change Automation Plugin has Insufficiently Protected Credentials
Moderate | CVE-2019-16557 was published for com.redgate.plugins.redgatesqlci:redgate-sql-ci (Maven) | May 24, 2022

A flaw has been found in 389-ds-base versions 1.4.x.x before 1.4.1.3. When executed in verbose...
Moderate | Unreviewed | CVE-2019-10224 was published | May 24, 2022

Jenkins QMetry for JIRA Plugin stored credentials in plain text
Moderate | CVE-2019-16544 was published for org.jenkins-ci.plugins:qmetry-for-jira-test-management (Maven) | May 24, 2022

Jenkins Anchore Container Scanner Plugin vulnerable to Insufficiently Protected Credentials
Moderate | CVE-2019-16542 was published for org.jenkins-ci.plugins:anchore-container-scanner (Maven) | May 24, 2022

Plex Media Server 1.18.2.2029-36236cc4c allows remote attackers to bypass intended access control...
Moderate | Unreviewed | CVE-2018-21031 was published | May 24, 2022

An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. The firmware...
Moderate | Unreviewed | CVE-2019-15801 was published | May 24, 2022

Jenkins Sonar Gerrit Plugin stores credentials unencrypted
Moderate | CVE-2019-10467 was published for org.jenkins-ci.plugins:sonar-gerrit (Maven) | May 24, 2022

Jenkins Mattermost Notification Plugin contains unencrypted storage of secret token
Moderate | CVE-2019-10459 was published for org.jenkins-ci.plugins:mattermost (Maven) | May 24, 2022

Tracker PDF-XChange Editor before 8.0.330.0 has an NTLM SSO hash theft vulnerability using...
Moderate | Unreviewed | CVE-2019-17497 was published | May 24, 2022

An Unprotected Storage of Credentials vulnerability in the identity and access management...
Moderate | Unreviewed | CVE-2019-0072 was published | May 24, 2022

Jenkins Google Calendar Plugin has Insufficiently Protected Credentials
Moderate | CVE-2019-10425 was published for org.jenkins-ci.plugins:gcal (Maven) | May 24, 2022

Jenkins Git Changelog Plugin has Insufficiently Protected Credentials
Moderate | CVE-2019-10414 was published for de.wellnerbou.jenkins:git-changelog (Maven) | May 24, 2022

Jenkins Violation Comments to GitLab Plugin has Insufficiently Protected Credentials
Moderate | CVE-2019-10415 was published for org.jenkins-ci.plugins:violation-comments-to-gitlab (Maven) | May 24, 2022

Violation Comments to GitLab Plugin has Insufficiently Protected Credentials
Moderate | CVE-2019-10416 was published for org.jenkins-ci.plugins:violation-comments-to-gitlab (Maven) | May 24, 2022

Jenkins Azure Event Grid Build Notifier Plugin has Insufficiently Protected Credentials
Moderate | CVE-2019-10421 was published for org.jenkins-ci.plugins:azure-event-grid-notifier (Maven) | May 24, 2022