Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,343
Erlang
31
GitHub Actions
22
Go
2,107
Maven
5,000+
npm
3,764
NuGet
679
pip
3,452
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+

93 advisories

Loading
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects... Low Unreviewed
CVE-2020-14426 was published May 24, 2022
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects... Low Unreviewed
CVE-2020-14430 was published May 24, 2022
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects... Low Unreviewed
CVE-2020-14428 was published May 24, 2022
BIOTRONIK CardioMessenger II, The affected products use individual per-device credentials that... Low Unreviewed
CVE-2019-18256 was published May 24, 2022
Password stored in plain text by Jenkins HP ALM Quality Center Plugin Low
CVE-2020-2218 was published for org.jenkins-ci.plugins:hp-quality-center (Maven) May 24, 2022
NotMyFault
"BigFix Platform is storing clear text credentials within the system's memory. An attacker who is... Low Unreviewed
CVE-2020-4095 was published May 24, 2022
TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same... Low Unreviewed
CVE-2020-15054 was published May 24, 2022
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same... Low Unreviewed
CVE-2020-15058 was published May 24, 2022
DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices allow an attacker on the same... Low Unreviewed
CVE-2020-15062 was published May 24, 2022
An issue was discovered in certain configurations of GNOME gnome-shell through 3.36.4. When... Low Unreviewed
CVE-2020-17489 was published May 24, 2022
Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac... Low Unreviewed
CVE-2020-7306 was published May 24, 2022
Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac... Low Unreviewed
CVE-2020-7307 was published May 24, 2022
A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and... Low Unreviewed
CVE-2020-15791 was published May 24, 2022
An issue was discovered in the Login Password feature of the Password Manager component in Avast... Low Unreviewed
CVE-2020-15024 was published May 24, 2022
Password stored in plain text by Jenkins couchdb-statistics Plugin Low
CVE-2020-2291 was published for org.jenkins-ci.plugins:couchdb-statistics (Maven) May 24, 2022
NotMyFault
Access token stored in plain text by Jenkins SMS Notification Plugin Low
CVE-2020-2297 was published for com.hoiio.jenkins:sms (Maven) May 24, 2022
NotMyFault
Password stored in plain text by Jenkins AppSpider Plugin Low
CVE-2020-2314 was published for com.rapid7:jenkinsci-appspider-plugin (Maven) May 24, 2022
NotMyFault
Password stored in plain text by Jenkins VMware Lab Manager Slaves Plugin Low
CVE-2020-2319 was published for org.jenkins-ci.plugins:labmanager (Maven) May 24, 2022
NotMyFault
An information disclosure vulnerability [CWE-200] in FortiAnalyzerVM and FortiManagerVM versions... Low Unreviewed
CVE-2021-36170 was published May 24, 2022
IBM Security Guardium Big Data Intelligence (SonarG) 4.0 stores user credentials in plain in... Low Unreviewed
CVE-2019-4307 was published May 24, 2022
Cleartext Storage of Sensitive Information in Memory vulnerability in Microsoft Windows client in... Low Unreviewed
CVE-2020-7299 was published May 24, 2022
Squash TM Publisher (Squash4Jenkins) Plugin stores passwords stored in plain text Low
CVE-2022-34213 was published for org.jenkins-ci.plugins:squashtm-publisher (Maven) Jun 24, 2022
westonsteimel NotMyFault
Plaintext Storage of a Password in Jenkins Build Notifications Plugin Low
CVE-2022-34800 was published for tools.devnull:build-notifications (Maven) Jul 1, 2022
NotMyFault
Plaintext Storage of a Password in Jenkins RocketChat Notifier Plugin Low
CVE-2022-34802 was published for org.jenkins-ci.plugins:rocketchatnotifier (Maven) Jul 1, 2022
NotMyFault
Plaintext Storage of a Password in Jenkins Deployment Dashboard Plugin Low
CVE-2022-34799 was published for org.jenkins-ci.plugins:ec2-deployment-dashboard (Maven) Jul 1, 2022
NotMyFault
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database