GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,001
Maven
5,000+
npm
3,713
NuGet
661
pip
3,384
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
21 advisories
Filter by severity
Sandbox bypass in Script Security Plugin
Critical
CVE-2019-1003029
was published
for
org.jenkins-ci.plugins:script-security
(Maven)
May 13, 2022
Sandbox bypass in Jenkins Pipeline: Groovy Plugin
Critical
CVE-2019-1003030
was published
for
org.jenkins-ci.plugins.workflow:workflow-cps
(Maven)
May 13, 2022
Script security sandbox bypass in Jenkins Email Extension Plugin
Critical
CVE-2019-1003032
was published
for
org.jenkins-ci.plugins:email-ext
(Maven)
May 13, 2022
Script security sandbox bypass in Matrix Project Plugin
Critical
CVE-2019-1003031
was published
for
org.jenkins-ci.plugins:matrix-project
(Maven)
May 13, 2022
Script security sandbox bypass in Jenkins Job DSL Plugin
Critical
CVE-2019-1003034
was published
for
org.jenkins-ci.plugins:job-dsl
(Maven)
May 13, 2022
The Telematics Control Unit (aka Telematic Communication Box or TCB), when present on BMW...
Critical
Unreviewed
CVE-2018-9318
was published
May 14, 2022
The Telematics Control Unit (aka Telematic Communication Box or TCB), when present on BMW...
Critical
Unreviewed
CVE-2018-9311
was published
May 14, 2022
Client-side enforcement using JavaScript of server-side security options on the Cohu 3960HD...
Critical
Unreviewed
CVE-2017-8864
was published
May 17, 2022
Sandbox bypass vulnerability in Jenkins Script Security Plugin
Critical
CVE-2020-2279
was published
for
org.jenkins-ci.plugins:script-security
(Maven)
May 24, 2022
Eclipse Keti is a service that was designed to protect RESTfuls API using Attribute Based Access...
Critical
Unreviewed
CVE-2021-32835
was published
May 24, 2022
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins
Critical
CVE-2021-21690
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 24, 2022
Unsafe entry in Script Security list of approved signatures in Pipeline Remote Loader Plugin
Critical
CVE-2019-10328
was published
for
org.jenkins-ci.plugins:workflow-remote-loader
(Maven)
May 24, 2022
An unauthenticated attacker can update the hostname with a specially crafted name that will allow...
Critical
Unreviewed
CVE-2022-31479
was published
Jun 7, 2022
isolated-vm has vulnerable CachedDataOptions in API
Critical
CVE-2022-39266
was published
for
isolated-vm
(npm)
Sep 30, 2022
Jenkins Pipeline: Groovy Plugin allows sandbox protection bypass and arbitrary code execution
Critical
CVE-2022-43402
was published
for
org.jenkins-ci.plugins.workflow:workflow-cps
(Maven)
Oct 19, 2022
Jenkins Script Security Plugin sandbox bypass vulnerability
Critical
CVE-2022-43403
was published
for
org.jenkins-ci.plugins:script-security
(Maven)
Oct 19, 2022
User login brute force protection functionality bypass
Critical
Unreviewed
CVE-2022-27516
was published
Nov 9, 2022
Sandbox escape in Jenkins Email Extension Plugin
Critical
CVE-2023-25765
was published
for
org.jenkins-ci.plugins:email-ext
(Maven)
Feb 15, 2023
Dell PowerScale OneFS, 9.5.0.x, contains a protection mechanism bypass vulnerability. An...
Critical
Unreviewed
CVE-2023-32493
was published
Aug 16, 2023
Protection mechanism failure in some Intel DCM software before version 5.2 may allow an...
Critical
Unreviewed
CVE-2023-31273
was published
Nov 14, 2023
Protection mechanism failure issue exists in RevoWorks SCVX prior to scvimage4.10.21_1013 (when...
Critical
Unreviewed
CVE-2024-25091
was published
Mar 1, 2024
ProTip!
Advisories are also available from the
GraphQL API