GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

587 advisories

Renderers can obtain access to random bluetooth device without permission in Electron Low
CVE-2022-21718 was published for electron (npm) Mar 22, 2022
Credited to PalmerAL
Missing permission checks in AWS Credentials Plugin Moderate
CVE-2022-27199 was published for org.jenkins-ci.plugins:aws-credentials (Maven) Mar 16, 2022
Missing permission checks in Jenkins kubernetes-cd Plugin allow enumerating credentials IDs Moderate
CVE-2022-27209 was published for org.jenkins-ci.plugins:kubernetes-cd (Maven) Mar 16, 2022
Credited to NotMyFault
CSRF vulnerability and missing permission checks in Extended Choice Parameter Plugin allow SSRF Moderate
CVE-2022-27205 was published for org.jenkins-ci.plugins:extended-choice-parameter (Maven) Mar 16, 2022
Credited to NotMyFault
Missing permission checks in Jenkins Release Helper Plugin Moderate
CVE-2022-27215 was published for org.jenkins-ci.plugins:release-helper (Maven) Mar 16, 2022
Credited to NotMyFault
CSRF vulnerability and missing permission checks in Jenkins kubernetes-cd Plugin allow capturing credentials High
CVE-2022-27211 was published for org.jenkins-ci.plugins:kubernetes-cd (Maven) Mar 16, 2022
Credited to NotMyFault
Gogs vulnerable to improper PAM authorization handling High
CVE-2022-0871 was published for gogs.io/gogs (Go) Mar 14, 2022
Credited to ysf
Duplicate Advisory: Improper Authorization in Gogs High
GHSA-65f3-3278-7m65 was published for gogs.io/gogs (Go) Mar 12, 2022 withdrawn
saleor Missing Authorization vulnerability Moderate
CVE-2022-0932 was published for saleor (pip) Mar 12, 2022
Moodle Exposure of Sensitive Information to an Unauthorized Actor Moderate
CVE-2021-32477 was published for moodle/moodle (Composer) Mar 12, 2022
Moodle Exposure of Sensitive Information to an Unauthorized Actor Moderate
CVE-2021-32472 was published for moodle/moodle (Composer) Mar 12, 2022
Gitea Missing Authorization vulnerability High
CVE-2022-0905 was published for code.gitea.io/gitea (Go) Mar 11, 2022
EC-CUBE improperly handles HTTP Host header values Moderate
CVE-2022-25355 was published for ec-cube/ec-cube (Composer) Feb 25, 2022
Improper Privilege Management in Snipe-IT High
CVE-2022-0611 was published for snipe/snipe-it (Composer) Feb 17, 2022
Missing Authorization in librenms/librenms Moderate
CVE-2022-0588 was published for librenms/librenms (Composer) Feb 16, 2022
Missing permission check in Jenkins Conjur Secrets Plugin allows enumerating credentials IDs Moderate
CVE-2022-25190 was published for org.conjur.jenkins:conjur-credentials (Maven) Feb 16, 2022
Credited to NotMyFault
Jenkins Snow Commander Plugin prior to 2.0 vulnerable to Missing Authorization Moderate
CVE-2022-25193 was published for io.jenkins.plugins:embotics-vcommander (Maven) Feb 16, 2022
Credited to NotMyFault
Missing permission check in Jenkins autonomiq Plugin Moderate
CVE-2022-25195 was published for io.jenkins.plugins:autonomiq (Maven) Feb 16, 2022
Credited to westonsteimel
Missing permission check in Jenkins SCP publisher Plugin High
CVE-2022-25199 was published for org.jenkins-ci.plugins:scp (Maven) Feb 16, 2022
Credited to NotMyFault
Missing permission checks in Jenkins Checkmarx Plugin allow capturing credentials Moderate
CVE-2022-25201 was published for com.checkmarx.jenkins:checkmarx (Maven) Feb 16, 2022
Credited to NotMyFault
Missing Authorization in Jenkins dbCharts Plugin High
CVE-2022-25206 was published for org.jenkins-ci.plugins:dbCharts (Maven) Feb 16, 2022
Credited to NotMyFault
Missing permission checks in Jenkins Chef Sinatra Plugin allow XXE High
CVE-2022-25208 was published for org.jenkins-ci.plugins:sinatra-chef-builder (Maven) Feb 16, 2022
Credited to NotMyFault
Missing permission check in Jenkins SWAMP Plugin allows capturing credentials Moderate
CVE-2022-25211 was published for org.continuousassurance.swamp.jenkins:swamp (Maven) Feb 16, 2022
Credited to NotMyFault
Reject unauthorized access with GitHub PATs High
CVE-2021-21432 was published for github.com/go-vela/server (Go) Feb 15, 2022
Credited to JordanSussman
Missing Authorization in Harbor Moderate
CVE-2019-16097 was published for github.com/goharbor/harbor (Go) Feb 15, 2022