Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,233
Erlang
31
GitHub Actions
20
Go
1,992
Maven
5,000+
npm
3,709
NuGet
661
pip
3,346
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

21 advisories

Loading
Protection mechanism failure issue exists in RevoWorks SCVX prior to scvimage4.10.21_1013 (when... Critical Unreviewed
CVE-2024-25091 was published Mar 1, 2024
Sandbox bypass in Jenkins Pipeline: Groovy Plugin Critical
CVE-2019-1003030 was published for org.jenkins-ci.plugins.workflow:workflow-cps (Maven) May 13, 2022
westonsteimel
Sandbox bypass in Script Security Plugin Critical
CVE-2019-1003029 was published for org.jenkins-ci.plugins:script-security (Maven) May 13, 2022
westonsteimel
Dell PowerScale OneFS, 9.5.0.x, contains a protection mechanism bypass vulnerability. An... Critical Unreviewed
CVE-2023-32493 was published Aug 16, 2023
Sandbox escape in Jenkins Email Extension Plugin Critical
CVE-2023-25765 was published for org.jenkins-ci.plugins:email-ext (Maven) Feb 15, 2023
Unsafe entry in Script Security list of approved signatures in Pipeline Remote Loader Plugin Critical
CVE-2019-10328 was published for org.jenkins-ci.plugins:workflow-remote-loader (Maven) May 24, 2022
westonsteimel
Script security sandbox bypass in Jenkins Job DSL Plugin Critical
CVE-2019-1003034 was published for org.jenkins-ci.plugins:job-dsl (Maven) May 13, 2022
westonsteimel
Script security sandbox bypass in Matrix Project Plugin Critical
CVE-2019-1003031 was published for org.jenkins-ci.plugins:matrix-project (Maven) May 13, 2022
westonsteimel
Sandbox bypass vulnerability in Jenkins Script Security Plugin Critical
CVE-2020-2279 was published for org.jenkins-ci.plugins:script-security (Maven) May 24, 2022
NotMyFault westonsteimel
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins Critical
CVE-2021-21690 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
Protection mechanism failure in some Intel DCM software before version 5.2 may allow an... Critical Unreviewed
CVE-2023-31273 was published Nov 14, 2023
Jenkins Script Security Plugin sandbox bypass vulnerability Critical
CVE-2022-43403 was published for org.jenkins-ci.plugins:script-security (Maven) Oct 19, 2022
Jenkins Pipeline: Groovy Plugin allows sandbox protection bypass and arbitrary code execution Critical
CVE-2022-43402 was published for org.jenkins-ci.plugins.workflow:workflow-cps (Maven) Oct 19, 2022
User login brute force protection functionality bypass Critical Unreviewed
CVE-2022-27516 was published Nov 9, 2022
isolated-vm has vulnerable CachedDataOptions in API Critical
CVE-2022-39266 was published for isolated-vm (npm) Sep 30, 2022
hedgehog80
An unauthenticated attacker can update the hostname with a specially crafted name that will allow... Critical Unreviewed
CVE-2022-31479 was published Jun 7, 2022
Client-side enforcement using JavaScript of server-side security options on the Cohu 3960HD... Critical Unreviewed
CVE-2017-8864 was published May 17, 2022
The Telematics Control Unit (aka Telematic Communication Box or TCB), when present on BMW... Critical Unreviewed
CVE-2018-9318 was published May 14, 2022
The Telematics Control Unit (aka Telematic Communication Box or TCB), when present on BMW... Critical Unreviewed
CVE-2018-9311 was published May 14, 2022
Script security sandbox bypass in Jenkins Email Extension Plugin Critical
CVE-2019-1003032 was published for org.jenkins-ci.plugins:email-ext (Maven) May 13, 2022
westonsteimel
Eclipse Keti is a service that was designed to protect RESTfuls API using Attribute Based Access... Critical Unreviewed
CVE-2021-32835 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database