Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,697
Erlang
34
GitHub Actions
28
Go
2,289
Maven
5,000+
npm
3,936
NuGet
708
pip
3,706
Pub
12
RubyGems
919
Rust
959
Swift
38
Unreviewed advisories
All unreviewed
5,000+

35 advisories

Loading
Jenkins Octopus Deploy Plugin stores credentials in plain text Low
CVE-2019-1003071 was published for hudson.plugins.octopusdeploy:octopusdeploy (Maven) May 13, 2022
Jenkins Aqua Security Scanner Plugin stores credentials in plain text Low
CVE-2019-1003069 was published for org.jenkins-ci.plugins:aqua-security-scanner (Maven) May 13, 2022
For ABB eSOMS versions 4.0 to 6.0.2, the Secure Flag is not set in the HTTP response header.... Low Unreviewed
CVE-2019-19090 was published May 24, 2022
Client Secret stored in plain text by Jenkins GitLab Authentication Plugin Low
CVE-2022-27206 was published for org.jenkins-ci.plugins:gitlab-oauth (Maven) Mar 16, 2022
NotMyFault
Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan... Low Unreviewed
CVE-2018-6674 was published May 13, 2022
In ATI Systems Emergency Mass Notification Systems (HPSS16, HPSS32, MHPSS, and ALERT4000) devices... Low Unreviewed
CVE-2018-8864 was published May 13, 2022
GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS may... Low Unreviewed
CVE-2019-1573 was published May 13, 2022
IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise 2.5 through 2.5.0.9 and 2.4 through... Low Unreviewed
CVE-2019-4398 was published May 24, 2022
A too small set of random characters being used for encryption in Nextcloud Server 18.0.4 allowed... Low Unreviewed
CVE-2020-8173 was published May 24, 2022
Resources Downloaded over Insecure Protocol in igniteui Low
CVE-2016-10552 was published for igniteui (npm) Feb 18, 2019
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database