Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

20,659 advisories

Loading
Jenkins Data Theorem Mobile Security: CI/CD Plugin has Insufficiently Protected Credentials Moderate
CVE-2019-10413 was published for com.datatheorem.mobileappsecurity.jenkins.plugin:datatheorem-mobile-app-security (Maven) May 24, 2022
Missing permission check in Jenkins Project Inheritance Plugin Moderate
CVE-2019-10409 was published for hudson.plugins:project-inheritance (Maven) May 24, 2022
Jenkins Log Parser Plugin vulnerable to Cross-site Scripting Moderate
CVE-2019-10410 was published for org.jenkins-ci.plugins:log-parser (Maven) May 24, 2022
Jenkins Inedo ProGet Plugin Plugin has Cleartext Transmission of Sensitive Information Low
CVE-2019-10412 was published for com.inedo.proget:inedo-proget (Maven) May 24, 2022
Yii Framework Code Injection High
CVE-2018-8074 was published for yiisoft/yii2-dev (Composer) May 24, 2022
Devise Token Auth vulnerable to Cross-site Scripting Moderate
CVE-2019-16751 was published for devise_token_auth (RubyGems) May 24, 2022
Joomla! XSS in Default Templates Moderate
CVE-2019-16725 was published for joomla/joomla-cms (Composer) May 24, 2022
Use of Insufficiently Random Values in Apereo CAS High
CVE-2019-10754 was published for org.apereo.cas:cas-server-core-services-api (Maven) May 24, 2022
Cross-site Scripting in Apache JSPWiki Moderate
CVE-2019-12407 was published for org.apache.jspwiki:jspwiki-main (Maven) May 24, 2022
Home Assistant information disclosure vulnerability High
CVE-2018-21019 was published for homeassistant (pip) May 24, 2022
Pagekit User enumeration Moderate
CVE-2019-16669 was published for pagekit/pagekit (Composer) May 24, 2022
Drupal Cross Site Scripting (XSS) vulnerability Moderate
CVE-2019-6341 was published for drupal/core (Composer) May 24, 2022
Use of a weak cryptographic algorithm in Gradle Low
CVE-2019-16370 was published for org.gradle:gradle-core (Maven) May 24, 2022
Pimcore RCE via PHAR upload High
CVE-2019-16317 was published for pimcore/pimcore (Composer) May 24, 2022
Pimcore Unrestricted Upload of File with Dangerous Type High
CVE-2019-16318 was published for pimcore/pimcore (Composer) May 24, 2022
Jenkins Aqua Security Serverless Scanner Plugin showed plain text password in job configuration form fields Low
CVE-2019-10397 was published for org.jenkins-ci.plugins:aqua-serverless (Maven) May 24, 2022
andrewpollock
Jenkins Build Environment Plugin vulnerable to Cross-site Scripting Moderate
CVE-2019-10395 was published for org.jenkins-ci.plugins:build-environment (Maven) May 24, 2022
Jenkins Dashboard View Plugin vulnerable to Cross-site Scripting Moderate
CVE-2019-10396 was published for org.jenkins-ci.plugins:dashboard-view (Maven) May 24, 2022
Jenkins Beaker Builder Plugin has Insufficiently Protected Credentials Low
CVE-2019-10398 was published for org.jenkins-ci.plugins:beaker-builder (Maven) May 24, 2022
Sandbox bypass vulnerability in Jenkins Script Security Plugin Moderate
CVE-2019-10394 was published for org.jenkins-ci.plugins:script-security (Maven) May 24, 2022
Sandbox bypass vulnerability in Jenkins Script Security Plugin Moderate
CVE-2019-10399 was published for org.jenkins-ci.plugins:script-security (Maven) May 24, 2022
Sandbox bypass vulnerability in Jenkins Script Security Plugin Moderate
CVE-2019-10400 was published for org.jenkins-ci.plugins:script-security (Maven) May 24, 2022
Improper Neutralization of Special Elements used in an OS Command in Jenkins Git Client Plugin High
CVE-2019-10392 was published for org.jenkins-ci.plugins:git-client (Maven) May 24, 2022
Sandbox bypass vulnerability in Script Security Plugin Moderate
CVE-2019-10393 was published for org.jenkins-ci.plugins:script-security (Maven) May 24, 2022
py-lmdb Divide by Zero interruptions High
CVE-2019-16228 was published for lmdb (pip) May 24, 2022
ProTip! Advisories are also available from the GraphQL API