GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
190 advisories
The Ubuntu SELinux initscript before version 1:0.10 used touch to create a lockfile in a world...
Moderate · Unreviewed · CVE-2011-3151 was published Apr 22, 2022
A vulnerability in the automatic decryption process in Cisco Umbrella Secure Web Gateway (SWG)...
Moderate · Unreviewed · CVE-2022-20805 was published Apr 22, 2022
Jenkins Pipeline: Deprecated Groovy Libraries Plugin Protection Mechanism Failure
High · CVE-2022-25181 was published for org.jenkins-ci.plugins.workflow:workflow-cps-global-lib (Maven) Feb 16, 2022
Jenkins Pipeline: Deprecated Groovy Libraries Plugin Protection Mechanism Failure
High · CVE-2022-25183 was published for org.jenkins-ci.plugins.workflow:workflow-cps-global-lib (Maven) Feb 16, 2022
Jenkins Pipeline: Deprecated Groovy Libraries Plugin Protection Mechanism Failure
High · CVE-2022-25182 was published for org.jenkins-ci.plugins.workflow:workflow-cps-global-lib (Maven) Feb 16, 2022
Agent-to-controller security bypass in Jenkins HashiCorp Vault Plugin
Low · CVE-2022-25186 was published for com.datapipe.jenkins.plugins:hashicorp-vault-plugin (Maven) Feb 16, 2022
Agent-to-controller security bypass in Jenkins HashiCorp Vault Plugin allows reading arbitrary files
Moderate · CVE-2022-25197 was published for com.datapipe.jenkins.plugins:hashicorp-vault-plugin (Maven) Feb 16, 2022
A Protection Mechanism Failure vulnerability in the REST API of Juniper Networks Contrail Service...
Moderate · Unreviewed · CVE-2022-22152 was published Jan 20, 2022
Agent-to-controller security bypass in Jenkins Debian Package Builder Plugin
High · CVE-2022-23118 was published for ru.yandex.jenkins.plugins.debuilder:debian-package-builder (Maven) Jan 13, 2022
Dell Networking OS10, versions 10.4.3.x, 10.5.0.x, 10.5.1.x & 10.5.2.x, contain an uncontrolled...
Moderate · Unreviewed · CVE-2021-36310 was published Nov 21, 2021
A user without PR can reset user authentication failures information
Low · CVE-2021-32729 was published for org.xwiki.platform:xwiki-platform-security-authentication-script (Maven) Jul 2, 2021
Context isolation bypass in Electron
Low · CVE-2020-15215 was published for electron (npm) Oct 6, 2020
Denial of Service in http-proxy
High · GHSA-6x33-pw7p-hmpq was published for http-proxy (npm) Sep 4, 2020
Jinja2 sandbox escape via string formatting
High · CVE-2019-10906 was published for Jinja2 (pip) Apr 10, 2019