GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,016
Maven
5,000+
npm
3,721
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+
73 advisories
Filter by severity
Protection Mechanism Failure in Jenkins Script Security Plugin
High
CVE-2019-1003000
was published
for
org.jenkins-ci.plugins:script-security
(Maven)
May 13, 2022
A vulnerability has been identified in SICAM A8000 CP-8000 (All versions < V16), SICAM A8000 CP...
High
Unreviewed
CVE-2020-28396
was published
May 24, 2022
This vulnerability allows a firewall bypass on affected installations of TP-Link Archer A7 prior...
High
Unreviewed
CVE-2021-27245
was published
May 24, 2022
Jenkins Compuware Topaz for Total Test Plugin vulnerable to Protection Mechanism Failure
High
CVE-2022-43429
was published
for
com.compuware.jenkins:compuware-topaz-for-total-test
(Maven)
Oct 19, 2022
Sandbox bypass vulnerabilities in Jenkins Script Security Plugin and in Pipeline: Groovy Plugin
High
CVE-2022-43404
was published
for
org.jenkins-ci.plugins.workflow:workflow-cps
(Maven)
Oct 19, 2022
Sandbox bypass vulnerability in Jenkins Pipeline: Deprecated Groovy Libraries Plugin
High
CVE-2022-43406
was published
for
io.jenkins.plugins:pipeline-groovy-lib
(Maven)
Oct 19, 2022
Content-Security-Policy protection for user content disabled by Jenkins XFramium Builder Plugin
High
CVE-2022-43432
was published
for
org.jenkins-ci.plugins:xframium
(Maven)
Oct 19, 2022
Sandbox bypass vulnerability in Jenkins Pipeline: Groovy Libraries Plugin and Pipeline: Deprecated Groovy Libraries Plugin
High
CVE-2022-43405
was published
for
io.jenkins.plugins:pipeline-groovy-lib
(Maven)
Oct 19, 2022
Content-Security-Policy protection for user content can be disabled in Jenkins 360 FireLine Plugin
High
CVE-2022-43435
was published
for
org.jenkins-ci.plugins.plugin:fireline
(Maven)
Oct 19, 2022
Content-Security-Policy protection for user content disabled by Jenkins ScreenRecorder Plugin
High
CVE-2022-43433
was published
for
io.jenkins.plugins:screenrecorder
(Maven)
Oct 19, 2022
A vulnerability in the data acquisition (DAQ) component of Cisco Firepower Threat Defense (FTD)...
High
Unreviewed
CVE-2019-1669
was published
May 13, 2022
A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an...
High
Unreviewed
CVE-2018-0383
was published
May 13, 2022
The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series,...
High
Unreviewed
CVE-2018-9312
was published
May 14, 2022
The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series,...
High
Unreviewed
CVE-2018-9320
was published
May 14, 2022
The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series,...
High
Unreviewed
CVE-2018-9322
was published
May 14, 2022
The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series,...
High
Unreviewed
CVE-2018-9314
was published
May 14, 2022
The OWASP ModSecurity Core Rule Set (CRS) is affected by a response body bypass. A client can...
High
Unreviewed
CVE-2022-39957
was published
Sep 21, 2022
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could...
High
Unreviewed
CVE-2021-1223
was published
May 24, 2022
Agent-to-controller security bypass in Jenkins Debian Package Builder Plugin
High
CVE-2022-23118
was published
for
ru.yandex.jenkins.plugins.debuilder:debian-package-builder
(Maven)
Jan 13, 2022
Agent-to-controller security bypass in Jenkins Squash TM Publisher (Squash4Jenkins) Plugin allows writing arbitrary files
High
CVE-2021-43578
was published
for
org.jenkins-ci.plugins:squashtm-publisher-plugin
(Maven)
May 24, 2022
Remote Code Execution in Custom Integration Upload
High
CVE-2023-41319
was published
for
ethyca-fides
(pip)
Sep 7, 2023
Sandbox bypass vulnerabilities in Jenkins Script Security Plugin and in Pipeline: Groovy Plugin
High
CVE-2022-43401
was published
for
org.jenkins-ci.plugins.workflow:workflow-cps
(Maven)
Oct 19, 2022
Improper handling of untrusted branches in Gitea Jenkins Plugin
High
CVE-2019-10330
was published
for
org.jenkins-ci.plugins:gitea
(Maven)
May 24, 2022
Sandbox Bypass in Script Security Plugin
High
CVE-2019-1003005
was published
for
org.jenkins-ci.plugins:script-security
(Maven)
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API