Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

312 advisories

Loading
Jenkins Fortify on Demand Plugin stores credentials in plain text Moderate
CVE-2019-10449 was published for org.jenkins-ci.plugins:fortify-on-demand-uploader (Maven) May 24, 2022
Jenkins View26 Test-Reporting Plugin stores access token in plain text Moderate
CVE-2019-10452 was published for org.jenkins-ci.plugins:view26 (Maven) May 24, 2022
Jenkins SOASTA CloudTest Plugin stores API token in plain text Moderate
CVE-2019-10451 was published for com.soasta.jenkins:cloudtest (Maven) May 24, 2022
Jenkins Sofy.AI Plugin stores API token in plain text Moderate
CVE-2019-10447 was published for io.jenkins.plugins:sofy-ai (Maven) May 24, 2022
Centreon Sensitive Data Exposure Moderate
CVE-2019-17106 was published for centreon/centreon (Composer) May 24, 2022
In Bitcoin Core 0.18.0, bitcoin-qt stores wallet.dat data unencrypted in memory. Upon a crash, it... Moderate Unreviewed
CVE-2019-15947 was published May 24, 2022
Dell EMC PowerConnect 8024, 7000, M6348, M6220, M8024 and M8024-K running firmware versions prior... Moderate Unreviewed
CVE-2019-3753 was published May 24, 2022
Jenkins Caliper CI Plugin stores credentials in plain text Moderate
CVE-2019-10351 was published for com.brianfromoregon:caliper-ci (Maven) May 24, 2022
Jenkins Gogs Plugin stored credentials in plain text Moderate
CVE-2019-10348 was published for org.jenkins-ci.plugins:gogs-webhook (Maven) May 24, 2022
Jenkins Port Allocator Plugin stores credentials in plain text Moderate
CVE-2019-10350 was published for org.jenkins-ci.plugins:port-allocator (Maven) May 24, 2022
Information leak in autofill in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to... Moderate Unreviewed
CVE-2019-5810 was published May 24, 2022
IBM Maximo Asset Management 7.6 could allow a an authenticated user to replace a target page with... Moderate Unreviewed
CVE-2018-2028 was published May 24, 2022
iBall Baton iB-WRB302N20122017 devices have improper access control over the UART interface,... Moderate Unreviewed
CVE-2018-20008 was published May 24, 2022
IBM Spectrum Protect Operations Center 8.1.12 and 8.1.13 could allow a local attacker to obtain... Moderate Unreviewed
CVE-2022-22484 was published May 18, 2022
SepCity Classified Ads stores the admin password in cleartext in data/classifieds.mdb, which... Moderate Unreviewed
CVE-2008-6157 was published May 17, 2022
PRIMX ZoneCentral before 6.1.2236 on Windows sometimes leaks the plaintext of NTFS files. On non... Moderate Unreviewed
CVE-2018-19279 was published May 13, 2022
An issue was discovered in the MakeMyTrip application 7.2.4 for Android. The databases (locally... Moderate Unreviewed
CVE-2018-11242 was published May 13, 2022
The Bitpie application through 3.2.4 for Android and iOS uses cleartext storage for digital... Moderate Unreviewed
CVE-2018-10812 was published May 13, 2022
The Files APP 7.1.1.308 and earlier versions in some Huawei mobile phones has a vulnerability of... Moderate Unreviewed
CVE-2017-2723 was published May 13, 2022
WordPress 4.8.2 stores cleartext wp_signups.activation_key values (but stores the analogous... Moderate Unreviewed
CVE-2017-14990 was published May 13, 2022
EasyLobby Solo could allow a local attacker to obtain sensitive information, caused by the... Moderate Unreviewed
CVE-2018-17489 was published May 13, 2022
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a local attacker to obtain... Moderate Unreviewed
CVE-2018-1621 was published May 13, 2022
In Rapid7 Komand version 0.41.0 and prior, certain endpoints that are able to list the always... Moderate Unreviewed
CVE-2018-5559 was published May 13, 2022
An exposed debugging endpoint in the browser in Google Chrome on Android prior to 72.0.3626.81... Moderate Unreviewed
CVE-2019-5765 was published May 13, 2022
Data Leakage Attacks vulnerability in the web portal component when in an MDR pair in McAfee... Moderate Unreviewed
CVE-2019-3606 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database