GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
68 advisories
Filter by severity
Storing Password in Local Storage
Moderate
GHSA-wvh7-5p38-2qfc
was published
for
parse
(npm)
Jul 23, 2020
Dell EMC Avamar Server version 19.4 contains a plain-text password storage vulnerability in...
Moderate
Unreviewed
CVE-2021-36317
was published
Dec 22, 2021
Personal tokens stored in plain text by Jenkins incapptic connect uploader Plugin
Moderate
CVE-2022-27218
was published
for
com.incapptic.plugins:incapptic-connect-uploader
(Maven)
Mar 16, 2022
Plaintext storage in Jenkins instant-messaging Plugin
Moderate
CVE-2022-28135
was published
for
org.jvnet.hudson.plugins:instant-messaging
(Maven)
Mar 30, 2022
Plaintext Storage of a Password in Jenkins Configuration as Code Plugin
Moderate
CVE-2019-10345
was published
for
io.jenkins:configuration-as-code
(Maven)
May 24, 2022
An Unprotected Storage of Credentials vulnerability in the identity and access management...
Moderate
Unreviewed
CVE-2019-0072
was published
May 24, 2022
Fortify Plugin stored credentials in plain text
Moderate
CVE-2020-2107
was published
for
org.jenkins-ci.plugins:fortify
(Maven)
May 24, 2022
Password stored in plain text by ECX Copy Data Management Plugin
Moderate
CVE-2020-2128
was published
for
com.catalogic.ecxjenkins:catalogic-ecx
(Maven)
May 24, 2022
Plaintext Storage of a Password in Jenkins Eagle Tester Plugin
Moderate
CVE-2020-2129
was published
for
com.mobileenerlytics.eagle.tester:eagle-tester
(Maven)
May 24, 2022
Password stored in plain text by Dynamic Extended Choice Parameter Plugin
Moderate
CVE-2020-2124
was published
for
com.moded.extendedchoiceparameter:dynamic_extended_choice_parameter
(Maven)
May 24, 2022
Password stored in plain text by Parasoft Environment Manager Plugin
Moderate
CVE-2020-2132
was published
for
com.parasoft:environment-manager
(Maven)
May 24, 2022
Passwords stored in plain text by Harvest SCM Plugin
Moderate
CVE-2020-2130
was published
for
org.jenkins-ci.plugins:harvest
(Maven)
May 24, 2022
Passwords stored in plain text by Harvest SCM Plugin
Moderate
CVE-2020-2131
was published
for
org.jenkins-ci.plugins:harvest
(Maven)
May 24, 2022
Password stored in plain text by Applatix Plugin
Moderate
CVE-2020-2133
was published
for
com.applatix.jenkins:applatix
(Maven)
May 24, 2022
Credentials stored in plain text by Jenkins Copr Plugin
Moderate
CVE-2020-2177
was published
for
org.fedoraproject.jenkins.plugins:copr
(Maven)
May 24, 2022
Secret stored in plain text by Jenkins Slack Upload Plugin
Moderate
CVE-2020-2208
was published
for
org.jenkins-ci.plugins:slack-uploader
(Maven)
May 24, 2022
Password stored in plain text by Jenkins TestComplete support Plugin
Moderate
CVE-2020-2209
was published
for
org.jenkins-ci.plugins:TestComplete
(Maven)
May 24, 2022
Secret stored in plain text by Jenkins GitHub Coverage Reporter Plugin
Moderate
CVE-2020-2212
was published
for
io.jenkins.plugins:github-coverage-reporter
(Maven)
May 24, 2022
Credentials stored in plain text by Jenkins White Source Plugin
Moderate
CVE-2020-2213
was published
for
org.jenkins-ci.plugins:whitesource
(Maven)
May 24, 2022
Passwords stored in plain text by Jenkins ReadyAPI Functional Testing Plugin
Moderate
CVE-2020-2250
was published
for
org.jenkins-ci.plugins:soapui-pro-functional-testing
(Maven)
May 24, 2022
Passwords stored in plain text by Mail Commander Plugin for Jenkins-ci Plugin
Moderate
CVE-2020-2318
was published
for
org.jenkins-ci.plugins:mailcommander
(Maven)
May 24, 2022
A vulnerability in the storage of proxy server credentials of Cisco Firepower Management Center ...
Moderate
Unreviewed
CVE-2021-1126
was published
May 24, 2022
Password stored in plain text by Jenkins Nomad Plugin
Moderate
CVE-2021-21681
was published
for
org.jenkins-ci.plugins:nomad
(Maven)
May 24, 2022
Jenkins Gem Publisher Plugin stores credentials as plaintext
Moderate
CVE-2019-10426
was published
for
net.arangamani.jenkins:gem-publisher
(Maven)
May 24, 2022
Plaintext Storage of a Password in Jenkins Convertigo Mobile Platform Plugin
Moderate
CVE-2022-34199
was published
for
com.convertigo.jenkins.plugins:convertigo-mobile-platform
(Maven)
Jun 24, 2022
ProTip!
Advisories are also available from the
GraphQL API