GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
358 advisories
Improper permission checks in Jenkins Copy Artifact Plugin
Moderate | CVE-2020-2183 was published for org.jenkins-ci.plugins:copyartifact (Maven) | May 24, 2022

Insecure File Permissions in Support Assistant in NCP Secure Enterprise Client before 12.22 allow...
Moderate | Unreviewed | CVE-2023-28870 was published | Dec 9, 2023

Missing permission check in Jenkins Build Failure Analyzer Plugin
Moderate | CVE-2019-16554 was published for com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer (Maven) | May 24, 2022

Missing permission check in Jenkins Gerrit Trigger Plugin
Moderate | CVE-2019-16552 was published for com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger (Maven) | May 24, 2022

Insecure permissions in the setNFZEnable function of Autel Robotics EVO Nano drone v1.6.5 allows...
Moderate | Unreviewed | CVE-2023-47335 was published | Nov 16, 2023

Apache Superset has Incorrect Default Permissions
Moderate | CVE-2023-42501 was published for apache-superset (pip) | Nov 27, 2023

PowerProtect Agent for File System Version 19.14 and prior, contains an incorrect default...
Moderate | Unreviewed | CVE-2023-43081 was published | Nov 22, 2023

in OpenHarmony v3.2.2 and prior versions allow a local attacker get confidential information...
Moderate | Unreviewed | CVE-2023-42774 was published | Nov 20, 2023

A vulnerability due to improper write protection of UEFI variables was reported in the BIOS of...
Moderate | Unreviewed | CVE-2022-4575 was published | Oct 30, 2023

Incorrect default permissions in some Intel Arc RGB Controller software before version 1.06 may...
Moderate | Unreviewed | CVE-2023-32638 was published | Nov 14, 2023

Incorrect Default Permissions in Apache DolphinScheduler
Moderate | CVE-2020-13922 was published for org.apache.dolphinscheduler:dolphinscheduler (Maven) | Feb 9, 2022

Sensitive information disclosure due to insecure folder permissions. The following products are...
Moderate | Unreviewed | CVE-2023-5042 was published | Sep 20, 2023

Jenkins AppSpider Plugin missing permission check
Moderate | CVE-2023-32999 was published for com.rapid7:jenkinsci-appspider-plugin (Maven) | May 16, 2023

Jenkins SAML Single Sign On(SSO) Plugin missing permission checks
Moderate | CVE-2023-32996 was published for io.jenkins.plugins:miniorange-saml-sp (Maven) | May 16, 2023

PowerJob vulnerable to Insecure Permissions
Moderate | CVE-2023-29923 was published for tech.powerjob:powerjob (Maven) | Apr 19, 2023

Jenkins Kubernetes CI/CD Plugin vulnerable to Credential Enumeration
Moderate | CVE-2019-10470 was published for com.elasticbox.jenkins-ci.plugins:kubernetes-ci (Maven) | May 24, 2022

Jenkins WebSphere Deployer Plugin missing permission check
Moderate | CVE-2019-16559 was published for org.jenkins-ci.plugins:websphere-deployer (Maven) | May 24, 2022

Jenkins Global Post Script Plugin missing permission check
Moderate | CVE-2019-10474 was published for org.jenkins-ci.plugins:global-post-script (Maven) | May 24, 2022

Jenkins Deploy WebLogic Plugin missing permission check
Moderate | CVE-2019-10465 was published for org.jenkins-ci.plugins:weblogic-deployer-plugin (Maven) | May 24, 2022

Jenkins Dynatrace Plugin contains Incorrect Default Permissions
Moderate | CVE-2019-10463 was published for org.jenkins-ci.plugins:dynatrace-dashboard (Maven) | May 24, 2022

Jenkins Kubernetes CI/CD Plugin vulnerable to Improper Authorization
Moderate | CVE-2019-10469 was published for com.elasticbox.jenkins-ci.plugins:kubernetes-ci (Maven) | May 24, 2022

IBM Manage Application 8.8.0 and 8.9.0 in the IBM Maximo Application Suite is vulnerable to...
Moderate | Unreviewed | CVE-2022-46774 was published | Mar 15, 2023

In network service, there is a missing permission check. This could lead to local escalation of...
Moderate | Unreviewed | CVE-2022-39081 was published | Jan 4, 2023

In network service, there is a missing permission check. This could lead to local escalation of...
Moderate | Unreviewed | CVE-2022-39082 was published | Jan 4, 2023

In network service, there is a missing permission check. This could lead to local escalation of...
Moderate | Unreviewed | CVE-2022-39087 was published | Jan 4, 2023