Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

518 advisories

Loading
Verba Collaboration Compliance and Quality Management Platform before 9.2.1.5545 has Incorrect... Moderate Unreviewed
CVE-2018-17871 was published May 13, 2022
Jenkins AppDynamics Dashboard Plugin has insufficiently protected credentials Moderate
CVE-2019-1003039 was published for org.jenkins-ci.plugins:appdynamics-dashboard (Maven) May 13, 2022
ECS Publisher Plugin stored and displayed API token in plain text Moderate
CVE-2019-1003045 was published for de.eacg:ecs-publisher (Maven) May 13, 2022
Jenkins Diawi Upload Plugin stores credentials in plain text Moderate
CVE-2019-10284 was published for org.jenkins-ci.plugins:diawi-upload (Maven) May 13, 2022
Jenkins DeployHub Plugin stores credentials in plain text Moderate
CVE-2019-10286 was published for com.openmake:deployhub (Maven) May 13, 2022
Jenkins mabl Plugin stores credentials in plain text Moderate
CVE-2019-10283 was published for com.mabl.integration.jenkins:mabl-integration (Maven) May 13, 2022
Jenkins Klaros-Testmanagement Plugin stores credentials in plain text Moderate
CVE-2019-10282 was published for hudson.plugins.klaros:klaros-testmanagement (Maven) May 13, 2022
Jenkins crittercism-dsym Plugin stores API key in plain text Moderate
CVE-2019-10295 was published for org.jenkins-ci.plugins:crittercism-dsym (Maven) May 13, 2022
Users with Site-level permissions can access files containing the username-encrypted passwords of... Moderate Unreviewed
CVE-2019-5615 was published May 13, 2022
The installation process in IBM Security AppScan Enterprise 8.x before 8.6.0.2 iFix 003, 8.7.x... Moderate Unreviewed
CVE-2014-4806 was published May 13, 2022
ownCloud iOS app before 3.4.4 does not properly switch state between multiple instances, which... Moderate Unreviewed
CVE-2015-5955 was published May 13, 2022
The IBM Security Access Manager appliance includes configuration files that contain obfuscated... Moderate Unreviewed
CVE-2015-5013 was published May 13, 2022
Schneider Electric StruxureWare Building Expert MPM before 2.15 does not use encryption for the... Moderate Unreviewed
CVE-2015-3962 was published May 13, 2022
An issue was discovered in General Electric (GE) Proficy HMI/SCADA iFIX Version 5.8 SIM 13 and... Moderate Unreviewed
CVE-2016-9360 was published May 13, 2022
A password storage vulnerability exists in the operating system functionality of Moxa EDR-810 V4... Moderate Unreviewed
CVE-2017-12127 was published May 13, 2022
D-Link DIR-100 4.03B07 has PPTP and poe information disclosure Moderate Unreviewed
CVE-2013-7055 was published May 5, 2022
D-Link DIR-100 4.03B07: security bypass via an error in the cliget.cgi script Moderate Unreviewed
CVE-2013-7052 was published May 5, 2022
CloudForms stores user passwords in recoverable format Moderate Unreviewed
CVE-2013-4423 was published May 5, 2022
Claws Mail vCalendar plugin: credentials exposed on interface Moderate Unreviewed
CVE-2012-5527 was published Apr 23, 2022
A malicious actor having access to the exported configuration file may obtain the stored... Moderate Unreviewed
CVE-2022-27179 was published Apr 21, 2022
A flaw was found in Ansible Galaxy Collections. When collections are built manually, any files in... Moderate Unreviewed
CVE-2021-3681 was published Apr 19, 2022
Dell PowerScale OneFS, versions 8.2.2 and above, contain a password disclosure vulnerability. An... Moderate Unreviewed
CVE-2022-22550 was published Apr 13, 2022
Private key stored in plain text by Jenkins Google Compute Engine Plugin Moderate
CVE-2022-29052 was published for org.jenkins-ci.plugins:google-compute-engine (Maven) Apr 13, 2022
NotMyFault
An issue was discovered in Softwarebuero Zauner ARC 4.2.0.4. There is storage of Passwords in a... Moderate Unreviewed
CVE-2021-45892 was published Apr 6, 2022
In JetBrains IntelliJ IDEA before 2021.3.3 it was possible to get passwords from protected fields Moderate Unreviewed
CVE-2022-28651 was published Apr 6, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database