Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

20,944 advisories

Loading
XXE vulnerability in Rundeck Plugin High
CVE-2020-2144 was published for org.jenkins-ci.plugins:rundeck (Maven) May 24, 2022
NotMyFault
Jenkins Quality Gates Plugin transmits credentials in plain text during configuration Low
CVE-2020-2151 was published for org.jenkins-ci.plugins:quality-gates (Maven) May 24, 2022
NotMyFault
Jenkins Sonar Quality Gates Plugin transmits credentials in plain text during configuration Low
CVE-2020-2150 was published for org.jenkins-ci.plugins:sonar-quality-gates (Maven) May 24, 2022
NotMyFault
CSRF vulnerability in Mac Plugin Moderate
CVE-2020-2147 was published for fr.edf.jenkins.plugins:mac (Maven) May 24, 2022
NotMyFault
CSRF vulnerability in Jenkins P4 Plugin Moderate
CVE-2020-2141 was published for org.jenkins-ci.plugins:p4 (Maven) May 24, 2022
NotMyFault
Credentials transmitted in plain text by Repository Connector Plugin Low
CVE-2020-2149 was published for org.jenkins-ci.plugins:repository-connector (Maven) May 24, 2022
NotMyFault
Credentials transmitted in plain text by Jenkins Logstash Plugin Low
CVE-2020-2143 was published for org.jenkins-ci.plugins:logstash (Maven) May 24, 2022
NotMyFault
Missing permission checks in Jenkins P4 Plugin Moderate
CVE-2020-2142 was published for org.jenkins-ci.plugins:p4 (Maven) May 24, 2022
NotMyFault
Credentials stored in plain text by Zephyr Enterprise Test Management Plugin Low
CVE-2020-2145 was published for org.jenkins-ci.plugins:zephyr-enterprise-test-management (Maven) May 24, 2022
NotMyFault
XSS vulnerability in Jenkins Audit Trail Plugin Moderate
CVE-2020-2140 was published for org.jenkins-ci.plugins:audit-trail (Maven) May 24, 2022
NotMyFault
Arbitrary file write vulnerability in Jenkins Cobertura Plugin Moderate
CVE-2020-2139 was published for org.jenkins-ci.plugins:cobertura (Maven) May 24, 2022
NotMyFault
Improper Neutralization of Input During Web Page Generation in Jenkins Git Plugin Moderate
CVE-2020-2136 was published for org.jenkins-ci.plugins:git (Maven) May 24, 2022
Stored XSS vulnerability in Jenkins Timestamper Plugin Moderate
CVE-2020-2137 was published for org.jenkins-ci.plugins:timestamper (Maven) May 24, 2022
NotMyFault
Sandbox bypass vulnerability in Script Security Plugin High
CVE-2020-2135 was published for org.jenkins-ci.plugins:script-security (Maven) May 24, 2022
NotMyFault
Sandbox bypass vulnerability in Script Security Plugin High
CVE-2020-2134 was published for org.jenkins-ci.plugins:script-security (Maven) May 24, 2022
NotMyFault
Froxlor arbitrary code execution via the database configuration options High
CVE-2020-10235 was published for froxlor/froxlor (Composer) May 24, 2022
Froxlor Information Disclosure Moderate
CVE-2020-10236 was published for froxlor/froxlor (Composer) May 24, 2022
Froxlor Exposure of Sensitive Information to an Unauthorized Actor Moderate
CVE-2020-10237 was published for froxlor/froxlor (Composer) May 24, 2022
SEOmatic for CraftCMS allows Server-Side Template Injection Critical
CVE-2020-9757 was published for nystudio107/craft-seomatic (Composer) May 24, 2022
Cross-site Scripting in Apache Struts Moderate
CVE-2015-2992 was published for org.apache.struts:struts2-core (Maven) May 24, 2022
CardGate Payments plugin for WooCommerce does not validate request origin High
CVE-2020-8819 was published for cardgate/woocommerce (Composer) May 24, 2022
DNN Path Traversal via Zip Slip High
CVE-2020-5187 was published for DotNetNuke.Core (NuGet) May 24, 2022
DNN File Upload Vulnerability Moderate
CVE-2020-5188 was published for DotNetNuke.Core (NuGet) May 24, 2022
DNN XSS Vulnerability Moderate
CVE-2020-5186 was published for DotNetNuke.Core (NuGet) May 24, 2022
Deserialization of Untrusted Data in JYaml Critical
CVE-2020-8441 was published for org.jyaml:jyaml (Maven) May 24, 2022
ProTip! Advisories are also available from the GraphQL API