Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,782
Erlang
36
GitHub Actions
29
Go
2,346
Maven
5,000+
npm
3,976
NuGet
720
pip
3,772
Pub
12
RubyGems
923
Rust
980
Swift
38
Unreviewed advisories
All unreviewed
5,000+

311 advisories

Loading
Jenkins veracode-scanner Plugin stores credentials in plain text Low
CVE-2019-1003070 was published for org.jenkins-ci.plugins:veracode-scanner (Maven) May 13, 2022
Jenkins Amazon SNS Build Notifier Plugin stores credentials in plain text Low
CVE-2019-1003063 was published for org.jenkins-ci.plugins:snsnotify (Maven) May 13, 2022
Jenkins FTP publisher Plugin stores credentials in plain text Low
CVE-2019-1003055 was published for org.jvnet.hudson.plugins:ftppublisher (Maven) May 13, 2022
Jenkins CloudShare Docker-Machine Plugin stores credentials in plain text Low
CVE-2019-1003065 was published for org.jenkins-ci.plugins:cloudshare-docker (Maven) May 13, 2022
Jenkins AWS CloudWatch Logs Publisher Plugin stores credentials in plain text Low
CVE-2019-1003062 was published for org.jenkins-ci.plugins:aws-cloudwatch-logs-publisher (Maven) May 13, 2022
Jenkins Bugzilla Plugin stores credentials in plain text Low
CVE-2019-1003066 was published for org.jvnet.hudson.plugins:bugzilla (Maven) May 13, 2022
Jenkins hyper.sh Commons Plugin stores credentials in plain text Low
CVE-2019-1003074 was published for sh.hyper.plugins:hyper-commons (Maven) May 13, 2022
Jenkins Audit to Database Plugin stores credentials in plain text Low
CVE-2019-1003075 was published for org.jenkins-ci.plugins:audit2db (Maven) May 13, 2022
Jenkins Octopus Deploy Plugin stores credentials in plain text Low
CVE-2019-1003071 was published for hudson.plugins.octopusdeploy:octopusdeploy (Maven) May 13, 2022
Jenkins PRQA Plugin stored password in plain text Low
CVE-2019-1003048 was published for com.programmingresearch:prqa-plugin (Maven) May 13, 2022
Jenkins Repository Connector Plugin has insufficiently protected credentials Low
CVE-2019-1003038 was published for org.jenkins-ci.plugins:repository-connector (Maven) May 13, 2022
Jenkins youtrack-plugin Plugin stored credentials in plain text Low
CVE-2019-10287 was published for org.jenkins-ci.plugins:youtrack-plugin (Maven) May 13, 2022
Jenkins Jabber Server Plugin stores credentials in plain text Low
CVE-2019-10288 was published for de.e-nexus:jabber-server-plugin (Maven) May 13, 2022
Jenkins Minio Storage Plugin stores credentials in plain text Low
CVE-2019-10285 was published for org.jenkins-ci.plugins:minio-storage (Maven) May 13, 2022
Jenkins Sametime Plugin stores credentials in plain text Low
CVE-2019-10297 was published for org.jenkins-ci.plugins:sametime (Maven) May 13, 2022
Jenkins Koji Plugin stores credentials in plain text Low
CVE-2019-10298 was published for org.jenkins-ci.plugins:koji (Maven) May 13, 2022
Jenkins Netsparker Enterprise Scan Plugin stored credentials in plain text Low
CVE-2019-10291 was published for org.jenkins-ci.plugins:netsparker-cloud-scan (Maven) May 13, 2022
Jenkins CloudCoreo DeployTime Plugin stores credentials in plain text Low
CVE-2019-10299 was published for com.cloudcoreo.plugins:cloudcoreo-deploytime (Maven) May 13, 2022
Jenkins Serena SRA Deploy Plugin stores credentials in plain text Low
CVE-2019-10296 was published for com.urbancode.ds.jenkins.plugins:sra-deploy (Maven) May 13, 2022
Jenkins Relution Enterprise Appstore Publisher Plugin stores credentials in plain text Low
CVE-2019-10281 was published for org.jenkins-ci.plugins:relution-publisher (Maven) May 13, 2022
ActiveMQ's OpenWire protocol exposes certain system details as plain text Low
CVE-2017-15709 was published for org.apache.activemq:activemq-openwire-generator (Maven) May 13, 2022
sunSUNQ
Cloud Foundry Runtime has Weak Password Recovery Mechanism for Forgotten Password Low
CVE-2015-3189 was published for org.cloudfoundry.identity:cloudfoundry-identity-server (Maven) May 13, 2022
sunSUNQ
Incorrect Default Permissions in Apache Commons FileUpload Low
CVE-2013-0248 was published for commons-fileupload:commons-fileupload (Maven) May 5, 2022
Jenkins allows attackers to obtain the master cryptographic key Low
CVE-2013-0158 was published for org.jenkins-ci.main:jenkins-core (Maven) May 5, 2022
sunSUNQ
Jenkins allows Cross-Site Scripting (XSS) Low
CVE-2012-0325 was published for org.jenkins-ci.main:jenkins-core (Maven) May 4, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database