Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

532 advisories

Loading
Jenkins Sofy.AI Plugin stores API token in plain text Moderate
CVE-2019-10447 was published for io.jenkins.plugins:sofy-ai (Maven) May 24, 2022
Cleartext Storage of Sensitive Information in Jenkins Extensive Testing Plugin High
CVE-2019-10448 was published for jenkins.xtc:extensivetesting (Maven) May 24, 2022
Dell ImageAssist versions prior to 8.7.15 contain an information disclosure vulnerability. Dell... High Unreviewed
CVE-2019-3767 was published May 24, 2022
A security vulnerability exists in Zingbox Inspector versions 1.294 and earlier, that results in... High Unreviewed
CVE-2019-15023 was published May 24, 2022
Centreon Sensitive Data Exposure Moderate
CVE-2019-17106 was published for centreon/centreon (Composer) May 24, 2022
DingTalk Plugin stores credentials in plain text Low
CVE-2019-10433 was published for io.jenkins.plugins:dingding-notifications (Maven) May 24, 2022
In Bitcoin Core 0.18.0, bitcoin-qt stores wallet.dat data unencrypted in memory. Upon a crash, it... Moderate Unreviewed
CVE-2019-15947 was published May 24, 2022
Dell EMC PowerConnect 8024, 7000, M6348, M6220, M8024 and M8024-K running firmware versions prior... Moderate Unreviewed
CVE-2019-3753 was published May 24, 2022
TronLink Wallet 2.2.0 stores user wallet keystore in plaintext and places them in insecure... Critical Unreviewed
CVE-2019-13096 was published May 24, 2022
Jenkins Caliper CI Plugin stores credentials in plain text Moderate
CVE-2019-10351 was published for com.brianfromoregon:caliper-ci (Maven) May 24, 2022
Jenkins Port Allocator Plugin stores credentials in plain text Moderate
CVE-2019-10350 was published for org.jenkins-ci.plugins:port-allocator (Maven) May 24, 2022
Jenkins Gogs Plugin stored credentials in plain text Moderate
CVE-2019-10348 was published for org.jenkins-ci.plugins:gogs-webhook (Maven) May 24, 2022
Information leak in autofill in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to... Moderate Unreviewed
CVE-2019-5810 was published May 24, 2022
IBM Maximo Asset Management 7.6 could allow a an authenticated user to replace a target page with... Moderate Unreviewed
CVE-2018-2028 was published May 24, 2022
iBall Baton iB-WRB302N20122017 devices have improper access control over the UART interface,... Moderate Unreviewed
CVE-2018-20008 was published May 24, 2022
IBM Spectrum Protect Operations Center 8.1.12 and 8.1.13 could allow a local attacker to obtain... Moderate Unreviewed
CVE-2022-22484 was published May 18, 2022
SepCity Classified Ads stores the admin password in cleartext in data/classifieds.mdb, which... Moderate Unreviewed
CVE-2008-6157 was published May 17, 2022
In Lenovo xClarity Administrator versions earlier than 2.1.0, an attacker that gains access to... High Unreviewed
CVE-2018-9065 was published May 13, 2022
Plaintext Storage of Sensitive Information in Laravel Log Viewer before v0.13.0 High
CVE-2018-8947 was published for rap2hpoutre/laravel-log-viewer (Composer) May 13, 2022
PRIMX ZoneCentral before 6.1.2236 on Windows sometimes leaks the plaintext of NTFS files. On non... Moderate Unreviewed
CVE-2018-19279 was published May 13, 2022
An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before... Critical Unreviewed
CVE-2018-18641 was published May 13, 2022
Sensitive Information Stored in Clear Text in Moxa ThingsPro IIoT Gateway and Device Management... Critical Unreviewed
CVE-2018-18394 was published May 13, 2022
An issue was discovered in the MakeMyTrip application 7.2.4 for Android. The databases (locally... Moderate Unreviewed
CVE-2018-11242 was published May 13, 2022
The Bitpie application through 3.2.4 for Android and iOS uses cleartext storage for digital... Moderate Unreviewed
CVE-2018-10812 was published May 13, 2022
The Files APP 7.1.1.308 and earlier versions in some Huawei mobile phones has a vulnerability of... Moderate Unreviewed
CVE-2017-2723 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database