GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
415 advisories
Missing permission check in Jenkins Gerrit Trigger Plugin
Moderate | CVE-2019-16552 was published for com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger (Maven) | May 24, 2022

Missing permission check in Jenkins Build Failure Analyzer Plugin
Moderate | CVE-2019-16554 was published for com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer (Maven) | May 24, 2022

Insecure File Permissions in Support Assistant in NCP Secure Enterprise Client before 12.22 allow...
Moderate | Unreviewed | CVE-2023-28870 was published | Dec 9, 2023

Improper permission checks in Jenkins Copy Artifact Plugin
Moderate | CVE-2020-2183 was published for org.jenkins-ci.plugins:copyartifact (Maven) | May 24, 2022

Jenkins Libvirt Slaves Plugin vulnerable to Credential Enumeration
Moderate | CVE-2019-10473 was published for org.jenkins-ci.plugins:libvirt-slave (Maven) | May 24, 2022

Jenkins Libvirt Slaves Plugin vulnerable to Incorrect Default Permissions
Moderate | CVE-2019-10472 was published for org.jenkins-ci.plugins:libvirt-slave (Maven) | May 24, 2022

A feature in LXD (LP#1829071), affects the default configuration of Ubuntu Server which allows...
Moderate | Unreviewed | CVE-2023-5536 was published | Dec 12, 2023

Moodle default permissions too permissive
Moderate | CVE-2012-1157 was published for moodle/moodle (Composer) | Apr 23, 2022

Parameterized Trigger Plugin fails to check Item/Build permission
Moderate | CVE-2017-1000084 was published for org.jenkins-ci.plugins:parameterized-trigger (Maven) | May 13, 2022

Incorrect permission checks in Jenkins Support Core Plugin
Moderate | CVE-2022-45383 was published for org.jenkins-ci.plugins:support-core (Maven) | Nov 16, 2022

[PROBLEMTYPE] in [VENDOR] [PRODUCT] [VERSION] on [PLATFORMS] allows [ATTACKER] to [IMPACT].
Moderate | Unreviewed | CVE-2022-45793 was published | Jan 10, 2024

Magento incorrect permissions vulnerability in the Integrations component
Moderate | CVE-2020-24402 was published for magento/community-edition (Composer) | May 24, 2022

Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Windows (Hitachi Tuning...
Moderate | Unreviewed | CVE-2023-6457 was published | Jan 16, 2024

Moodle Incorrect Default Settings
Moderate | CVE-2011-4285 was published for moodle/moodle (Composer) | May 13, 2022

Incorrect default permissions in some Intel Integrated Sensor Hub (ISH) driver for Windows 10 for...
Moderate | Unreviewed | CVE-2023-29244 was published | Jan 19, 2024

A vulnerability, which was classified as critical, was found in European Chemicals Agency IUCLID...
Moderate | Unreviewed | CVE-2024-0770 was published | Jan 22, 2024

An insufficient permission check vulnerability exists in Pulse Connect Secure <9.1R8 that allows...
Moderate | Unreviewed | CVE-2020-8219 was published | May 24, 2022

Incorrect Default Permissions in log4js
Moderate | CVE-2022-21704 was published for log4js (npm) | Jan 21, 2022

A vulnerability has been reported in Suite Setups built with versions prior to InstallShield 2023...
Moderate | Unreviewed | CVE-2023-29081 was published | Jan 26, 2024

Missing permission checks in AWS Credentials Plugin
Moderate | CVE-2022-27199 was published for org.jenkins-ci.plugins:aws-credentials (Maven) | Mar 16, 2022

Jenkins Build Step Plugin fails to check Item/Build permission
Moderate | CVE-2017-1000089 was published for org.jenkins-ci.plugins:pipeline-build-step (Maven) | May 13, 2022

CSRF vulnerability in Jenkins Coverity Plugin allow capturing credentials
Moderate | CVE-2023-23848 was published for org.jenkins-ci.plugins:synopsys-coverity (Maven) | Feb 15, 2023

Ubuntu's pipewire-pulse in snap grants microphone access even when the snap interface for audio...
Moderate | Unreviewed | CVE-2022-4964 was published | Jan 24, 2024

Dell PowerScale OneFS versions 8.2.x through 9.6.0.x contains an incorrect default permissions...
Moderate | Unreviewed | CVE-2024-22430 was published | Feb 1, 2024

A vulnerability in Cisco CX Cloud Agent of could allow an authenticated, local attacker to...
Moderate | Unreviewed | CVE-2023-20043 was published | Jan 20, 2023