Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,016
Maven
5,000+
npm
3,721
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+

189 advisories

Loading
Sandbox bypass vulnerabilities in Jenkins Script Security Plugin and in Pipeline: Groovy Plugin High
CVE-2022-43404 was published for org.jenkins-ci.plugins.workflow:workflow-cps (Maven) Oct 19, 2022
NotMyFault
Unpreventable top-level navigation High
CVE-2020-15174 was published for electron (npm) Oct 6, 2020
masatokinugawa
Script security sandbox bypass in Jenkins Email Extension Plugin Critical
CVE-2019-1003032 was published for org.jenkins-ci.plugins:email-ext (Maven) May 13, 2022
westonsteimel
Agent-to-controller security bypass in Jenkins xUnit Plugin Moderate
CVE-2022-34181 was published for org.jenkins-ci.plugins:xunit (Maven) Jun 24, 2022
NotMyFault
Jenkins Compuware Topaz for Total Test Plugin vulnerable to Protection Mechanism Failure High
CVE-2022-43429 was published for com.compuware.jenkins:compuware-topaz-for-total-test (Maven) Oct 19, 2022
Eclipse Keti is a service that was designed to protect RESTfuls API using Attribute Based Access... Critical Unreviewed
CVE-2021-32835 was published May 24, 2022
A vulnerability in the multimedia viewer feature of Cisco Webex Meetings and Cisco Webex Meetings... Moderate Unreviewed
CVE-2021-1517 was published May 24, 2022
Dell Networking OS10, versions 10.4.3.x, 10.5.0.x, 10.5.1.x & 10.5.2.x, contain an uncontrolled... Moderate Unreviewed
CVE-2021-36310 was published Nov 21, 2021
This vulnerability allows a firewall bypass on affected installations of TP-Link Archer A7 prior... High Unreviewed
CVE-2021-27245 was published May 24, 2022
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) ... Moderate Unreviewed
CVE-2019-13924 was published May 24, 2022
A vulnerability has been identified in SICAM A8000 CP-8000 (All versions < V16), SICAM A8000 CP... High Unreviewed
CVE-2020-28396 was published May 24, 2022
Protection Mechanism Failure in Jenkins Script Security Plugin High
CVE-2019-1003000 was published for org.jenkins-ci.plugins:script-security (Maven) May 13, 2022
A user without PR can reset user authentication failures information Low
CVE-2021-32729 was published for org.xwiki.platform:xwiki-platform-security-authentication-script (Maven) Jul 2, 2021
Context isolation bypass in Electron Low
CVE-2020-15215 was published for electron (npm) Oct 6, 2020
nornagon MarshallOfSound
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database