Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

518 advisories

Loading
A vulnerability has been identified in SCALANCE X-200 (All Versions < V5.2.4), SCALANCE X-200IRT ... Moderate Unreviewed
CVE-2019-6567 was published May 24, 2022
Insufficient password protection in the attestation database for Open CIT may allow an... Moderate Unreviewed
CVE-2019-0179 was published May 24, 2022
Insufficient password protection in the attestation database for Open CIT may allow an... Moderate Unreviewed
CVE-2019-0175 was published May 24, 2022
Insufficient password protection in the attestation database for Open CIT may allow an... Moderate Unreviewed
CVE-2019-0180 was published May 24, 2022
Insufficient password protection in the attestation database for Open CIT may allow an... Moderate Unreviewed
CVE-2019-11092 was published May 24, 2022
IBM Spectrum Protect Plus 10.1.2 may display the vSnap CIFS password in the IBM Spectrum Protect... Moderate Unreviewed
CVE-2019-4385 was published May 24, 2022
The Logitech R500 presentation clicker allows attackers to determine the AES key, leading to... Moderate Unreviewed
CVE-2019-13054 was published May 24, 2022
Jenkins Credentials Binding Plugin Stores Passwords in a Recoverable Format Moderate
CVE-2019-1010241 was published for org.jenkins-ci.plugins:credentials-binding (Maven) May 24, 2022
Plaintext Storage of a Password in Jenkins Configuration as Code Plugin Moderate
CVE-2019-10345 was published for io.jenkins:configuration-as-code (Maven) May 24, 2022
Skytap Cloud CI Plugin stored credentials in plain text Moderate
CVE-2019-10366 was published for org.jenkins-ci.plugins:skytap (Maven) May 24, 2022
Jenkins Google Cloud Messaging Notification Plugin stores credentials in plain text Moderate
CVE-2019-10379 was published for org.jenkins-ci.plugins:gcm-notification (Maven) May 24, 2022
Jenkins eggplant-plugin Plugin stores credentials in plain text Moderate
CVE-2019-10385 was published for org.jenkins-ci.plugins:eggplant-plugin (Maven) May 24, 2022
Dell EMC PowerConnect 8024, 7000, M6348, M6220, M8024 and M8024-K running firmware versions prior... Moderate Unreviewed
CVE-2019-3753 was published May 24, 2022
Search Guard versions before 23.1 had an issue that an administrative user is able to retrieve... Moderate Unreviewed
CVE-2019-13421 was published May 24, 2022
LogMeIn LastPass before 4.33.0 allows attackers to construct a crafted web site that captures the... Moderate Unreviewed
CVE-2019-16371 was published May 24, 2022
An issue was discovered in Grafana 5.4.0. Passwords for data sources used by Grafana (e.g., MySQL... Moderate Unreviewed
CVE-2019-15635 was published May 24, 2022
Jenkins Data Theorem Mobile Security: CI/CD Plugin has Insufficiently Protected Credentials Moderate
CVE-2019-10413 was published for com.datatheorem.mobileappsecurity.jenkins.plugin:datatheorem-mobile-app-security (Maven) May 24, 2022
Jenkins Git Changelog Plugin has Insufficiently Protected Credentials Moderate
CVE-2019-10414 was published for de.wellnerbou.jenkins:git-changelog (Maven) May 24, 2022
Violation Comments to GitLab Plugin has Insufficiently Protected Credentials Moderate
CVE-2019-10416 was published for org.jenkins-ci.plugins:violation-comments-to-gitlab (Maven) May 24, 2022
Jenkins Violation Comments to GitLab Plugin has Insufficiently Protected Credentials Moderate
CVE-2019-10415 was published for org.jenkins-ci.plugins:violation-comments-to-gitlab (Maven) May 24, 2022
Jenkins Call Remote Job Plugin has Insufficiently Protected Credentials Moderate
CVE-2019-10422 was published for org.ukiuni.callOtherJenkins:call-remote-job-plugin (Maven) May 24, 2022
Jenkins Azure Event Grid Build Notifier Plugin has Insufficiently Protected Credentials Moderate
CVE-2019-10421 was published for org.jenkins-ci.plugins:azure-event-grid-notifier (Maven) May 24, 2022
Jenkins Google Calendar Plugin has Insufficiently Protected Credentials Moderate
CVE-2019-10425 was published for org.jenkins-ci.plugins:gcal (Maven) May 24, 2022
An Unprotected Storage of Credentials vulnerability in the identity and access management... Moderate Unreviewed
CVE-2019-0072 was published May 24, 2022
Tracker PDF-XChange Editor before 8.0.330.0 has an NTLM SSO hash theft vulnerability using... Moderate Unreviewed
CVE-2019-17497 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database