Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,411
Erlang
33
GitHub Actions
22
Go
2,146
Maven
5,000+
npm
3,808
NuGet
687
pip
3,481
Pub
12
RubyGems
897
Rust
899
Swift
38
Unreviewed advisories
All unreviewed
5,000+

210 advisories

Loading
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Moderate Unreviewed
CVE-2023-29354 was published May 6, 2023
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Moderate Unreviewed
CVE-2023-28286 was published Apr 27, 2023
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Moderate Unreviewed
CVE-2023-28284 was published Apr 11, 2023
In maybeFinish of FallbackHome.java, there is a possible delay of lockdown screen due to logic... High Unreviewed
CVE-2023-21024 was published Mar 24, 2023
The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to reCaptcha Bypass... Moderate Unreviewed
CVE-2023-0085 was published Mar 2, 2023
Sandbox escape in Jenkins Email Extension Plugin Critical
CVE-2023-25765 was published for org.jenkins-ci.plugins:email-ext (Maven) Feb 15, 2023
Protection mechanism failure in the Intel(R) DCM software before version 5.0 may allow an... High Unreviewed
CVE-2022-33942 was published Nov 11, 2022
User login brute force protection functionality bypass Critical Unreviewed
CVE-2022-27516 was published Nov 9, 2022
Jenkins Compuware Topaz for Total Test Plugin vulnerable to Protection Mechanism Failure High
CVE-2022-43429 was published for com.compuware.jenkins:compuware-topaz-for-total-test (Maven) Oct 19, 2022
Content-Security-Policy protection for user content disabled by Jenkins XFramium Builder Plugin High
CVE-2022-43432 was published for org.jenkins-ci.plugins:xframium (Maven) Oct 19, 2022
NotMyFault
Content-Security-Policy protection for user content disabled by Jenkins ScreenRecorder Plugin High
CVE-2022-43433 was published for io.jenkins.plugins:screenrecorder (Maven) Oct 19, 2022
NotMyFault
Agent-to-controller security bypass vulnerability in Jenkins BMC Compuware Source Code Download for Endevor, PDS, and ISPW Plugin Moderate
CVE-2022-43423 was published for com.compuware.jenkins:compuware-scm-downloader (Maven) Oct 19, 2022
NotMyFault
Jenkins NUnit Plugin vulnerable to Protection Mechanism Failure Moderate
CVE-2022-43414 was published for org.jenkins-ci.plugins:nunit (Maven) Oct 19, 2022
Agent-to-controller security bypass vulnerability in Jenkins Compuware Xpediter Code Coverage Plugin Moderate
CVE-2022-43424 was published for com.compuware.jenkins:compuware-xpediter-code-coverage (Maven) Oct 19, 2022
NotMyFault
Agent-to-controller security bypass vulnerabilities in Jenkins Compuware Topaz for Total Test Plugin High
CVE-2022-43428 was published for com.compuware.jenkins:compuware-topaz-for-total-test (Maven) Oct 19, 2022
NotMyFault
Sandbox bypass vulnerability in Jenkins Pipeline: Groovy Libraries Plugin and Pipeline: Deprecated Groovy Libraries Plugin High
CVE-2022-43405 was published for io.jenkins.plugins:pipeline-groovy-lib (Maven) Oct 19, 2022
NotMyFault
Sandbox bypass vulnerabilities in Jenkins Script Security Plugin and in Pipeline: Groovy Plugin High
CVE-2022-43404 was published for org.jenkins-ci.plugins.workflow:workflow-cps (Maven) Oct 19, 2022
NotMyFault
Sandbox bypass vulnerability in Jenkins Pipeline: Deprecated Groovy Libraries Plugin High
CVE-2022-43406 was published for io.jenkins.plugins:pipeline-groovy-lib (Maven) Oct 19, 2022
NotMyFault
Jenkins Pipeline: Groovy Plugin allows sandbox protection bypass and arbitrary code execution Critical
CVE-2022-43402 was published for org.jenkins-ci.plugins.workflow:workflow-cps (Maven) Oct 19, 2022
Jenkins Script Security Plugin sandbox bypass vulnerability Critical
CVE-2022-43403 was published for org.jenkins-ci.plugins:script-security (Maven) Oct 19, 2022
Sandbox bypass vulnerabilities in Jenkins Script Security Plugin and in Pipeline: Groovy Plugin High
CVE-2022-43401 was published for org.jenkins-ci.plugins.workflow:workflow-cps (Maven) Oct 19, 2022
NotMyFault
Content-Security-Policy protection for user content can be disabled in Jenkins 360 FireLine Plugin High
CVE-2022-43435 was published for org.jenkins-ci.plugins.plugin:fireline (Maven) Oct 19, 2022
NotMyFault
Agent-to-controller security bypass vulnerability in Jenkins Compuware Topaz Utilities Plugin Moderate
CVE-2022-43422 was published for com.compuware.jenkins:compuware-topaz-utilities (Maven) Oct 19, 2022
NotMyFault
Content-Security-Policy protection for user content disabled by Jenkins NeuVector Vulnerability Scanner Plugin High
CVE-2022-43434 was published for io.jenkins.plugins:neuvector-vulnerability-scanner (Maven) Oct 19, 2022
NotMyFault
Jenkins Katalon Plugin vulnerable to Protection Mechanism Failure High
CVE-2022-43416 was published for org.jenkins-ci.plugins:katalon (Maven) Oct 19, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database