Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,873
Erlang
37
GitHub Actions
36
Go
2,519
Maven
5,000+
npm
4,156
NuGet
736
pip
3,956
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

508 advisories

Loading
Improper input validation in Druva inSync Client 6.5.0 allows a local, authenticated attacker to... Moderate Unreviewed
CVE-2019-4001 was published May 24, 2022
Incorrect default permissions in the installer for Intel(R) Graphics Drivers before versions 15... Moderate Unreviewed
CVE-2020-0508 was published May 24, 2022
In setPhonebookAccessPermission of AdapterService.java, there is a possible disclosure of user... Moderate Unreviewed
CVE-2020-0023 was published May 24, 2022
Comment properties in Atlassian Jira Server and Data Center before version 7.13.12, from 8.0.0... Moderate Unreviewed
CVE-2019-20106 was published May 24, 2022
An Incorrect Default Permissions vulnerability in the BDLDaemon component of Bitdefender AV for... Moderate Unreviewed
CVE-2019-17103 was published May 24, 2022
Jenkins WebSphere Deployer Plugin missing permission check Moderate
CVE-2019-16559 was published for org.jenkins-ci.plugins:websphere-deployer (Maven) May 24, 2022
Missing permission check in Jenkins Build Failure Analyzer Plugin Moderate
CVE-2019-16554 was published for com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer (Maven) May 24, 2022
Missing permission check in Jenkins Gerrit Trigger Plugin Moderate
CVE-2019-16552 was published for com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger (Maven) May 24, 2022
Scanguard through 2019-11-12 on Windows has Insecure Permissions for the installation directory,... Moderate Unreviewed
CVE-2019-18895 was published May 24, 2022
A vulnerability in the HTTP traffic filtering component of Cisco Firepower Threat Defense... Moderate Unreviewed
CVE-2019-1982 was published May 24, 2022
The Symantec SONAR component, prior to 12.0.2, may be susceptible to a tamper protection bypass... Moderate Unreviewed
CVE-2019-12752 was published May 24, 2022
In JetBrains TeamCity before 2019.1.2, a non-destructive operation could be performed by a user... Moderate Unreviewed
CVE-2019-18367 was published May 24, 2022
In JetBrains YouTrack before 2019.2.55152, removing tags from the issues list without the... Moderate Unreviewed
CVE-2019-18369 was published May 24, 2022
In JetBrains TeamCity before 2019.1.2, secure values could be exposed to users with the "View... Moderate Unreviewed
CVE-2019-18366 was published May 24, 2022
An issue was discovered on Mitsubishi Electric ME-RTU devices through 2.02 and INEA ME-RTU... Moderate Unreviewed
CVE-2019-14925 was published May 24, 2022
Jenkins Global Post Script Plugin missing permission check Moderate
CVE-2019-10474 was published for org.jenkins-ci.plugins:global-post-script (Maven) May 24, 2022
Jenkins Libvirt Slaves Plugin vlnerable to Incorrect Default Permissions Moderate
CVE-2019-10472 was published for org.jenkins-ci.plugins:libvirt-slave (Maven) May 24, 2022
Jenkins Deploy WebLogic Plugin missing permission check Moderate
CVE-2019-10465 was published for org.jenkins-ci.plugins:weblogic-deployer-plugin (Maven) May 24, 2022
Jenkins Libvirt Slaves Plugin vlnerable to Credential Enumeration Moderate
CVE-2019-10473 was published for org.jenkins-ci.plugins:libvirt-slave (Maven) May 24, 2022
Jenkins Dynatrace Plugin contains Incorrect Default Permissions Moderate
CVE-2019-10463 was published for org.jenkins-ci.plugins:dynatrace-dashboard (Maven) May 24, 2022
Jenkins Kubernetes CI/CD Plugin vulnerable to Credential Enumeration Moderate
CVE-2019-10470 was published for com.elasticbox.jenkins-ci.plugins:kubernetes-ci (Maven) May 24, 2022
Jenkins Kubernetes CI/CD Plugin vulnerable to Improper Authorization Moderate
CVE-2019-10469 was published for com.elasticbox.jenkins-ci.plugins:kubernetes-ci (Maven) May 24, 2022
A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE) Software could allow... Moderate Unreviewed
CVE-2019-15962 was published May 24, 2022
If a Content Security Policy (CSP) directive is defined that uses a hash-based source that takes... Moderate Unreviewed
CVE-2019-11738 was published May 24, 2022
In Limesurvey before 3.17.14, admin users can run an integrity check without proper permissions. Moderate Unreviewed
CVE-2019-16183 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database