Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,757
Maven
5,000+
npm
4,363
NuGet
766
pip
4,128
Pub
12
RubyGems
961
Rust
1,070
Swift
45
Unreviewed advisories
All unreviewed
5,000+

12,887 advisories

Loading
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent:... Low Unreviewed
CVE-2018-3136 was published May 13, 2022
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent:... Low Unreviewed
CVE-2018-3139 was published May 13, 2022
Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and 8u5 allows remote... Low Unreviewed
CVE-2014-4208 was published May 13, 2022
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60;... Low Unreviewed
CVE-2014-6558 was published May 13, 2022
Unspecified vulnerability in Oracle Java SE 7u67 and 8u20 allows remote attackers to affect... Low Unreviewed
CVE-2014-6527 was published May 13, 2022
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded... Low Unreviewed
CVE-2014-6502 was published May 13, 2022
Unspecified vulnerability in Oracle Java SE 7u72 and 8u25 allows local users to affect integrity... Low Unreviewed
CVE-2015-0413 was published May 13, 2022
Unspecified vulnerability in the Java SE component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25... Low Unreviewed
CVE-2014-6591 was published May 13, 2022
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers... Low Unreviewed
CVE-2014-6585 was published May 13, 2022
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE... Low Unreviewed
CVE-2015-2625 was published May 13, 2022
Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 do not properly enforce... Low Unreviewed
CVE-2011-4434 was published May 13, 2022
Jenkins PRQA Plugin stored password in plain text Low
CVE-2019-1003048 was published for com.programmingresearch:prqa-plugin (Maven) May 13, 2022
Jenkins Repository Connector Plugin has insufficiently protected credentials Low
CVE-2019-1003038 was published for org.jenkins-ci.plugins:repository-connector (Maven) May 13, 2022
Jenkins Jabber Server Plugin stores credentials in plain text Low
CVE-2019-10288 was published for de.e-nexus:jabber-server-plugin (Maven) May 13, 2022
Jenkins youtrack-plugin Plugin stored credentials in plain text Low
CVE-2019-10287 was published for org.jenkins-ci.plugins:youtrack-plugin (Maven) May 13, 2022
Jenkins Minio Storage Plugin stores credentials in plain text Low
CVE-2019-10285 was published for org.jenkins-ci.plugins:minio-storage (Maven) May 13, 2022
Jenkins Netsparker Enterprise Scan Plugin stored credentials in plain text Low
CVE-2019-10291 was published for org.jenkins-ci.plugins:netsparker-cloud-scan (Maven) May 13, 2022
Jenkins Sametime Plugin stores credentials in plain text Low
CVE-2019-10297 was published for org.jenkins-ci.plugins:sametime (Maven) May 13, 2022
Jenkins Koji Plugin stores credentials in plain text Low
CVE-2019-10298 was published for org.jenkins-ci.plugins:koji (Maven) May 13, 2022
Jenkins CloudCoreo DeployTime Plugin stores credentials in plain text Low
CVE-2019-10299 was published for com.cloudcoreo.plugins:cloudcoreo-deploytime (Maven) May 13, 2022
Jenkins Serena SRA Deploy Plugin stores credentials in plain text Low
CVE-2019-10296 was published for com.urbancode.ds.jenkins.plugins:sra-deploy (Maven) May 13, 2022
Jenkins Relution Enterprise Appstore Publisher Plugin stores credentials in plain text Low
CVE-2019-10281 was published for org.jenkins-ci.plugins:relution-publisher (Maven) May 13, 2022
modules.d/90crypt/module-setup.sh in the dracut package before 037-17.30.1 in openSUSE 13.2... Low Unreviewed
CVE-2015-0794 was published May 13, 2022
dracut.sh in dracut, as used in Red Hat Enterprise Linux 6, Fedora 16 and 17, and possibly other... Low Unreviewed
CVE-2012-4453 was published May 13, 2022
The DH_check_pub_key function in crypto/dh/dh_check.c in OpenSSL 1.0.2 before 1.0.2f does not... Low Unreviewed
CVE-2016-0701 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database