GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
21,369 advisories
Out-of-bounds Read in Facebook Hermes
High
CVE-2020-1915
was published
for
hermes-engine
(npm)
May 24, 2022
fabric8-maven-plugin: insecure way to construct Yaml Object leading to remote code execution
High
CVE-2020-10721
was published
for
io.fabric8:fabric8-maven-plugin
(Maven)
May 24, 2022
XXE vulnerability in Jenkins Nerrvana Plugin
Moderate
CVE-2020-2298
was published
for
org.jenkins-ci.plugins:nerrvana-plugin
(Maven)
May 24, 2022
Missing permission checks in Jenkins Maven Cascade Release Plugin
Moderate
CVE-2020-2294
was published
for
com.barchart.jenkins:maven-release-cascade
(Maven)
May 24, 2022
CSRF vulnerability in Jenkins Maven Cascade Release Plugin
Moderate
CVE-2020-2295
was published
for
com.barchart.jenkins:maven-release-cascade
(Maven)
May 24, 2022
Access token stored in plain text by Jenkins SMS Notification Plugin
Low
CVE-2020-2297
was published
for
com.hoiio.jenkins:sms
(Maven)
May 24, 2022
Incorrect default pattern in Jenkins Audit Trail Plugin
Moderate
CVE-2020-2288
was published
for
org.jenkins-ci.plugins:audit-trail
(Maven)
May 24, 2022
Password stored in plain text by Jenkins couchdb-statistics Plugin
Low
CVE-2020-2291
was published
for
org.jenkins-ci.plugins:couchdb-statistics
(Maven)
May 24, 2022
Always-Incorrect Control Flow Implementation in Facebook Hermes
Critical
CVE-2020-1914
was published
for
hermes-engine
(npm)
May 24, 2022
Improper authorization due to caching in Jenkins Role-based Authorization Strategy Plugin
High
CVE-2020-2286
was published
for
org.jenkins-ci.plugins:role-strategy
(Maven)
May 24, 2022
CSRF vulnerability in Jenkins Shared Objects Plugin
Moderate
CVE-2020-2296
was published
for
org.jenkins-ci.plugins:shared-objects
(Maven)
May 24, 2022
Arbitrary file read vulnerability in Jenkins Persona Plugin
Moderate
CVE-2020-2293
was published
for
org.jenkins-ci.plugins:persona
(Maven)
May 24, 2022
Stored XSS vulnerability in Jenkins Release Plugin
Moderate
CVE-2020-2292
was published
for
org.jenkins-ci.plugins:release
(Maven)
May 24, 2022
Stored XSS vulnerability in Jenkins Active Choices Plugin
Moderate
CVE-2020-2290
was published
for
org.biouno:uno-choice
(Maven)
May 24, 2022
Stored XSS vulnerability in Jenkins Active Choices Plugin
Moderate
CVE-2020-2289
was published
for
org.biouno:uno-choice
(Maven)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API