Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,051 advisories

Loading
An issue was discovered on Xiaomi Mi A1 tissot_sprout:8.1.0/OPM1.171019.026/V9.6.4.0.ODHMIFE... Critical Unreviewed
CVE-2018-18698 was published May 13, 2022
Envoy Passport for Android and Envoy Passport for iPhone could allow a local attacker to obtain... High Unreviewed
CVE-2018-17500 was published May 13, 2022
An issue was discovered on Samsung 840 EVO devices. Vendor-specific commands may allow access to... Moderate Unreviewed
CVE-2018-12038 was published May 13, 2022
Copay Bitcoin Wallet version 5.01 to 5.1.0 included. contains a Other/Unknown vulnerability in... Critical Unreviewed
CVE-2018-1000851 was published May 13, 2022
Jenkins Artifactory Plugin stored old directly entered credentials unencrypted on disk High
CVE-2018-1000424 was published for org.jenkins-ci.plugins:artifactory (Maven) May 13, 2022
Jenkins SonarQube Scanner Plugin stored server authentication token in plain text High
CVE-2018-1000425 was published for org.jenkins-ci.plugins:sonar (Maven) May 13, 2022
Jenkins Crowd 2 Integration Plugin stored credentials in plain text High
CVE-2018-1000423 was published for org.jenkins-ci.plugins:crowd2 (Maven) May 13, 2022
A vulnerability in the web-based management interface of Cisco Unified Communications Manager... High Unreviewed
CVE-2018-0474 was published May 13, 2022
Verba Collaboration Compliance and Quality Management Platform before 9.2.1.5545 has Incorrect... Moderate Unreviewed
CVE-2018-17871 was published May 13, 2022
Jenkins AppDynamics Dashboard Plugin has insufficiently protected credentials Moderate
CVE-2019-1003039 was published for org.jenkins-ci.plugins:appdynamics-dashboard (Maven) May 13, 2022
ECS Publisher Plugin stored and displayed API token in plain text Moderate
CVE-2019-1003045 was published for de.eacg:ecs-publisher (Maven) May 13, 2022
Jenkins Repository Connector Plugin has insufficiently protected credentials Low
CVE-2019-1003038 was published for org.jenkins-ci.plugins:repository-connector (Maven) May 13, 2022
Jenkins youtrack-plugin Plugin stored credentials in plain text Low
CVE-2019-10287 was published for org.jenkins-ci.plugins:youtrack-plugin (Maven) May 13, 2022
Jenkins Jabber Server Plugin stores credentials in plain text Low
CVE-2019-10288 was published for de.e-nexus:jabber-server-plugin (Maven) May 13, 2022
Jenkins DeployHub Plugin stores credentials in plain text Moderate
CVE-2019-10286 was published for com.openmake:deployhub (Maven) May 13, 2022
Jenkins mabl Plugin stores credentials in plain text Moderate
CVE-2019-10283 was published for com.mabl.integration.jenkins:mabl-integration (Maven) May 13, 2022
Jenkins Diawi Upload Plugin stores credentials in plain text Moderate
CVE-2019-10284 was published for org.jenkins-ci.plugins:diawi-upload (Maven) May 13, 2022
Jenkins Minio Storage Plugin stores credentials in plain text Low
CVE-2019-10285 was published for org.jenkins-ci.plugins:minio-storage (Maven) May 13, 2022
Jenkins CloudCoreo DeployTime Plugin stores credentials in plain text Low
CVE-2019-10299 was published for com.cloudcoreo.plugins:cloudcoreo-deploytime (Maven) May 13, 2022
Jenkins Koji Plugin stores credentials in plain text Low
CVE-2019-10298 was published for org.jenkins-ci.plugins:koji (Maven) May 13, 2022
Jenkins Sametime Plugin stores credentials in plain text Low
CVE-2019-10297 was published for org.jenkins-ci.plugins:sametime (Maven) May 13, 2022
Jenkins Netsparker Enterprise Scan Plugin stored credentials in plain text Low
CVE-2019-10291 was published for org.jenkins-ci.plugins:netsparker-cloud-scan (Maven) May 13, 2022
Jenkins Klaros-Testmanagement Plugin stores credentials in plain text Moderate
CVE-2019-10282 was published for hudson.plugins.klaros:klaros-testmanagement (Maven) May 13, 2022
Jenkins Relution Enterprise Appstore Publisher Plugin stores credentials in plain text Low
CVE-2019-10281 was published for org.jenkins-ci.plugins:relution-publisher (Maven) May 13, 2022
Jenkins crittercism-dsym Plugin stores API key in plain text Moderate
CVE-2019-10295 was published for org.jenkins-ci.plugins:crittercism-dsym (Maven) May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database