Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+

140 advisories

Loading
A vulnerability in the storage of proxy server credentials of Cisco Firepower Management Center ... Moderate Unreviewed
CVE-2021-1126 was published May 24, 2022
Passwords stored in plain text by Mail Commander Plugin for Jenkins-ci Plugin Moderate
CVE-2020-2318 was published for org.jenkins-ci.plugins:mailcommander (Maven) May 24, 2022
NotMyFault
Password stored in plain text by Jenkins VMware Lab Manager Slaves Plugin Low
CVE-2020-2319 was published for org.jenkins-ci.plugins:labmanager (Maven) May 24, 2022
NotMyFault
Password stored in plain text by Jenkins AppSpider Plugin Low
CVE-2020-2314 was published for com.rapid7:jenkinsci-appspider-plugin (Maven) May 24, 2022
NotMyFault
Passwords stored in plain text by Jenkins ReadyAPI Functional Testing Plugin Moderate
CVE-2020-2250 was published for org.jenkins-ci.plugins:soapui-pro-functional-testing (Maven) May 24, 2022
NotMyFault
Secret stored in plain text by Jenkins Parameterized Remote Trigger Plugin Low
CVE-2020-2239 was published for org.jenkins-ci.plugins:Parameterized-Remote-Trigger (Maven) May 24, 2022
NotMyFault
Credentials stored in plain text by Jenkins tfs Plugin Low
CVE-2020-2249 was published for org.jenkins-ci.plugins:tfs (Maven) May 24, 2022
NotMyFault
Password stored in plain text by Jenkins HP ALM Quality Center Plugin Low
CVE-2020-2218 was published for org.jenkins-ci.plugins:hp-quality-center (Maven) May 24, 2022
NotMyFault
Password stored in plain text by Jenkins TestComplete support Plugin Moderate
CVE-2020-2209 was published for org.jenkins-ci.plugins:TestComplete (Maven) May 24, 2022
NotMyFault
Secret stored in plain text by Jenkins GitHub Coverage Reporter Plugin Moderate
CVE-2020-2212 was published for io.jenkins.plugins:github-coverage-reporter (Maven) May 24, 2022
NotMyFault
Credentials stored in plain text by Jenkins White Source Plugin Moderate
CVE-2020-2213 was published for org.jenkins-ci.plugins:whitesource (Maven) May 24, 2022
NotMyFault
Secret stored in plain text by Jenkins Slack Upload Plugin Moderate
CVE-2020-2208 was published for org.jenkins-ci.plugins:slack-uploader (Maven) May 24, 2022
NotMyFault
Credentials stored in plain text by Jenkins Copr Plugin Moderate
CVE-2020-2177 was published for org.fedoraproject.jenkins.plugins:copr (Maven) May 24, 2022
NotMyFault
Jenkins Zephyr for JIRA Test Management Plugin stores credentials in plain text Low
CVE-2020-2154 was published for org.jenkins-ci.plugins:zephyr-for-jira-test-management (Maven) May 24, 2022
NotMyFault
Credentials stored in plain text by Zephyr Enterprise Test Management Plugin Low
CVE-2020-2145 was published for org.jenkins-ci.plugins:zephyr-enterprise-test-management (Maven) May 24, 2022
NotMyFault
Password stored in plain text by Applatix Plugin Moderate
CVE-2020-2133 was published for com.applatix.jenkins:applatix (Maven) May 24, 2022
NotMyFault
Passwords stored in plain text by Harvest SCM Plugin Moderate
CVE-2020-2131 was published for org.jenkins-ci.plugins:harvest (Maven) May 24, 2022
NotMyFault
Passwords stored in plain text by Harvest SCM Plugin Moderate
CVE-2020-2130 was published for org.jenkins-ci.plugins:harvest (Maven) May 24, 2022
NotMyFault
Password stored in plain text by Parasoft Environment Manager Plugin Moderate
CVE-2020-2132 was published for com.parasoft:environment-manager (Maven) May 24, 2022
NotMyFault
Credentials stored in plain text by debian-package-builder Plugin Low
CVE-2020-2125 was published for ru.yandex.jenkins.plugins.debuilder:debian-package-builder (Maven) May 24, 2022
NotMyFault
Password stored in plain text by Dynamic Extended Choice Parameter Plugin Moderate
CVE-2020-2124 was published for com.moded.extendedchoiceparameter:dynamic_extended_choice_parameter (Maven) May 24, 2022
NotMyFault
Credential stored in plain text by BMC Release Package and Deployment Plugin Low
CVE-2020-2127 was published for RPD:bmc-rpd (Maven) May 24, 2022
NotMyFault
Password stored in plain text by ECX Copy Data Management Plugin Moderate
CVE-2020-2128 was published for com.catalogic.ecxjenkins:catalogic-ecx (Maven) May 24, 2022
NotMyFault
Plaintext Storage of a Password in Jenkins Eagle Tester Plugin Moderate
CVE-2020-2129 was published for com.mobileenerlytics.eagle.tester:eagle-tester (Maven) May 24, 2022
Token stored in plain text by DigitalOcean Plugin Low
CVE-2020-2126 was published for com.dubture.jenkins:digitalocean-plugin (Maven) May 24, 2022
NotMyFault
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database