Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,856
Erlang
36
GitHub Actions
36
Go
2,488
Maven
5,000+
npm
4,104
NuGet
735
pip
3,923
Pub
12
RubyGems
945
Rust
1,017
Swift
39
Unreviewed advisories
All unreviewed
5,000+

99 advisories

Loading
Plaintext Storage of a Password in Jenkins Deployment Dashboard Plugin Low
CVE-2022-34799 was published for org.jenkins-ci.plugins:ec2-deployment-dashboard (Maven) Jul 1, 2022
NotMyFault
Plaintext Storage of a Password in Jenkins RocketChat Notifier Plugin Low
CVE-2022-34802 was published for org.jenkins-ci.plugins:rocketchatnotifier (Maven) Jul 1, 2022
NotMyFault
Squash TM Publisher (Squash4Jenkins) Plugin stores passwords stored in plain text Low
CVE-2022-34213 was published for org.jenkins-ci.plugins:squashtm-publisher (Maven) Jun 24, 2022
westonsteimel NotMyFault
Cleartext Storage of Sensitive Information in Memory vulnerability in Microsoft Windows client in... Low Unreviewed
CVE-2020-7299 was published May 24, 2022
IBM Security Guardium Big Data Intelligence (SonarG) 4.0 stores user credentials in plain in... Low Unreviewed
CVE-2019-4307 was published May 24, 2022
An information disclosure vulnerability [CWE-200] in FortiAnalyzerVM and FortiManagerVM versions... Low Unreviewed
CVE-2021-36170 was published May 24, 2022
Password stored in plain text by Jenkins VMware Lab Manager Slaves Plugin Low
CVE-2020-2319 was published for org.jenkins-ci.plugins:labmanager (Maven) May 24, 2022
NotMyFault
Password stored in plain text by Jenkins AppSpider Plugin Low
CVE-2020-2314 was published for com.rapid7:jenkinsci-appspider-plugin (Maven) May 24, 2022
NotMyFault
Access token stored in plain text by Jenkins SMS Notification Plugin Low
CVE-2020-2297 was published for com.hoiio.jenkins:sms (Maven) May 24, 2022
NotMyFault
Password stored in plain text by Jenkins couchdb-statistics Plugin Low
CVE-2020-2291 was published for org.jenkins-ci.plugins:couchdb-statistics (Maven) May 24, 2022
NotMyFault
An issue was discovered in the Login Password feature of the Password Manager component in Avast... Low Unreviewed
CVE-2020-15024 was published May 24, 2022
A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and... Low Unreviewed
CVE-2020-15791 was published May 24, 2022
Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac... Low Unreviewed
CVE-2020-7307 was published May 24, 2022
Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac... Low Unreviewed
CVE-2020-7306 was published May 24, 2022
An issue was discovered in certain configurations of GNOME gnome-shell through 3.36.4. When... Low Unreviewed
CVE-2020-17489 was published May 24, 2022
DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices allow an attacker on the same... Low Unreviewed
CVE-2020-15062 was published May 24, 2022
TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same... Low Unreviewed
CVE-2020-15054 was published May 24, 2022
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same... Low Unreviewed
CVE-2020-15058 was published May 24, 2022
"BigFix Platform is storing clear text credentials within the system's memory. An attacker who is... Low Unreviewed
CVE-2020-4095 was published May 24, 2022
Password stored in plain text by Jenkins HP ALM Quality Center Plugin Low
CVE-2020-2218 was published for org.jenkins-ci.plugins:hp-quality-center (Maven) May 24, 2022
NotMyFault
BIOTRONIK CardioMessenger II, The affected products use individual per-device credentials that... Low Unreviewed
CVE-2019-18256 was published May 24, 2022
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects... Low Unreviewed
CVE-2020-14430 was published May 24, 2022
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects... Low Unreviewed
CVE-2020-14431 was published May 24, 2022
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects... Low Unreviewed
CVE-2020-14427 was published May 24, 2022
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects... Low Unreviewed
CVE-2020-14428 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database