Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

34 advisories

Loading
HotelDruid Hotel Management Software v3.0.3 and below was discovered to have exposed session... Low Unreviewed
CVE-2021-42948 was published Sep 17, 2022
Passwords transmitted in plain text by Jenkins Stash Branch Parameter Plugin Low
CVE-2020-2210 was published for org.jenkins-ci.plugins:StashBranchParameter (Maven) May 24, 2022
NotMyFault
On EX4600, QFX5100 Series, NFX Series, QFX10K Series, QFX5110, QFX5200 Series, QFX5110, QFX5200,... Low Unreviewed
CVE-2019-0069 was published May 24, 2022
Credentials transmitted in plain text by Jenkins DeployHub Plugin Low
CVE-2020-2156 was published for com.openmake:deployhub (Maven) May 24, 2022
NotMyFault
Credentials transmitted in plain text by Skytap Cloud CI Plugin Low
CVE-2020-2157 was published for org.jenkins-ci.plugins:skytap (Maven) May 24, 2022
NotMyFault
The Configuration pages in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon... Low Unreviewed
CVE-2019-19107 was published May 24, 2022
On specific hardware platforms, on BIG-IP versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.7,... Low Unreviewed
CVE-2022-41983 was published Oct 20, 2022
GAEN (aka Google/Apple Exposure Notifications) through 2021-04-27 on Android allows attackers to... Low Unreviewed
CVE-2021-31815 was published May 24, 2022
Jenkins Quality Gates Plugin transmits credentials in plain text during configuration Low
CVE-2020-2151 was published for org.jenkins-ci.plugins:quality-gates (Maven) May 24, 2022
NotMyFault
Jenkins Sonar Quality Gates Plugin transmits credentials in plain text during configuration Low
CVE-2020-2150 was published for org.jenkins-ci.plugins:sonar-quality-gates (Maven) May 24, 2022
NotMyFault
Free5gc v3.2.1 is vulnerable to Information disclosure. Low Unreviewed
CVE-2022-38870 was published Oct 25, 2022
Credentials transmitted in plain text by Repository Connector Plugin Low
CVE-2020-2149 was published for org.jenkins-ci.plugins:repository-connector (Maven) May 24, 2022
NotMyFault
Credentials transmitted in plain text by OpenShift Deployer Plugin Low
CVE-2020-2155 was published for org.jenkins-ci.plugins:openshift-deployer (Maven) May 24, 2022
NotMyFault
BIOTRONIK CardioMessenger II, The affected products transmit credentials in clear-text prior to... Low Unreviewed
CVE-2019-18248 was published May 24, 2022
Exposure of Sensitive Information in Samsung Dialer application?prior to SMR Aug-2022 Release 1... Low Unreviewed
CVE-2022-33724 was published Aug 6, 2022
Passwords transmitted in plain text by Jenkins Artifactory Plugin Low
CVE-2020-2165 was published for org.jenkins-ci.plugins:artifactory (Maven) May 24, 2022
NotMyFault
Jenkins Inedo BuildMaster Plugin showed plain text password in configuration form Low
CVE-2019-10411 was published for com.inedo.proget:inedo-proget (Maven) May 24, 2022
Jenkins QMetry for JIRA Plugin shows plain text password in configuration form Low
CVE-2019-16545 was published for org.jenkins-ci.plugins:qmetry-for-jira-test-management (Maven) May 24, 2022
A vulnerability was found in Intergard SGS 8.7.0. It has been declared as problematic. This... Low Unreviewed
CVE-2023-3763 was published Jul 19, 2023
A vulnerability was found in Intergard SGS 8.7.0 and classified as problematic. Affected by this... Low Unreviewed
CVE-2023-3761 was published Jul 19, 2023
A vulnerability was found in Delta Electronics WPLSoft 2.51. It has been classified as... Low Unreviewed
CVE-2023-5461 was published Oct 9, 2023
A vulnerability has been identified in PT-G503 Series firmware versions prior to v5.2, where the... Low Unreviewed
CVE-2023-5035 was published Nov 2, 2023
A vulnerability has been identified in COMOS (All versions < V10.4.4). Caching system in the... Low Unreviewed
CVE-2023-43503 was published Nov 14, 2023
Cleartext Storage of Sensitive Information in Jenkins Build Notifications Plugin Low
CVE-2022-34801 was published for tools.devnull:build-notifications (Maven) Jul 1, 2022
NotMyFault
Jenkins Inedo ProGet Plugin Plugin has Cleartext Transmission of Sensitive Information Low
CVE-2019-10412 was published for com.inedo.proget:inedo-proget (Maven) May 24, 2022
ProTip! Advisories are also available from the GraphQL API