GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
20,947 advisories
Missing permission checks in Health Advisor by CloudBees Plugin
Moderate
CVE-2020-2094
was published
for
org.jenkins-ci.plugins:cloudbees-jenkins-advisor
(Maven)
May 24, 2022
CSRF vulnerability in Jenkins Sounds Plugin allow OS command execution
High
CVE-2020-2098
was published
for
org.jenkins-ci.plugins:sounds
(Maven)
May 24, 2022
Reflected XSS vulnerability in Jenkins gitlab-hook Plugin
Moderate
CVE-2020-2096
was published
for
org.jenkins-ci.ruby-plugins:gitlab-hook
(Maven)
May 24, 2022
Redgate SQL Change Automation Plugin stored credentials in plain text
Moderate
CVE-2020-2095
was published
for
com.redgate.plugins.redgatesqlci:redgate-sql-ci
(Maven)
May 24, 2022
XXE vulnerability in Jenkins Robot Framework Plugin
High
CVE-2020-2092
was published
for
org.jenkins-ci.plugins:robot
(Maven)
May 24, 2022
Missing permission checks in Jenkins Sounds Plugin allow OS command execution
High
CVE-2020-2097
was published
for
org.jenkins-ci.plugins:sounds
(Maven)
May 24, 2022
CSRF vulnerability in Jenkins Amazon EC2 Plugin
Low
CVE-2020-2090
was published
for
org.jenkins-ci.plugins:ec2
(Maven)
May 24, 2022
Missing permission checks in Jenkins Amazon EC2 Plugin
Moderate
CVE-2020-2091
was published
for
org.jenkins-ci.plugins:ec2
(Maven)
May 24, 2022
CSRF vulnerability in Health Advisor by CloudBees Plugin
Moderate
CVE-2020-2093
was published
for
org.jenkins-ci.plugins:cloudbees-jenkins-advisor
(Maven)
May 24, 2022
Denial of service in ASP.NET Core
Moderate
CVE-2020-0602
was published
for
Microsoft.AspNetCore.All
(NuGet)
May 24, 2022
Remote code execution in Microsoft.WindowsDesktop.App.Ref
High
CVE-2020-0606
was published
for
Microsoft.WindowsDesktop.App.Ref
(NuGet)
May 24, 2022
Remote code execution in ASP.NET Core
High
CVE-2020-0603
was published
for
Microsoft.AspNetCore.All
(NuGet)
May 24, 2022
keycloak vulnerable to unauthorized login via mail server setup
Critical
CVE-2019-14837
was published
for
org.keycloak:keycloak-core
(Maven)
May 24, 2022
Pivotal Spring Framework contains unsafe Java deserialization methods
Critical
CVE-2016-1000027
was published
for
org.springframework:spring-web
(Maven)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API