Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

541 advisories

Loading
Cleartext Transmission of Sensitive Information in Apache nifi High
CVE-2018-17195 was published for org.apache.nifi:nifi (Maven) Dec 20, 2018
MarkLee131
High severity vulnerability that affects com.github.shyiko.ktlint:ktlint-core High
CVE-2019-1010260 was published for com.github.shyiko.ktlint:ktlint-core (Maven) Apr 8, 2019
Django Incorrect HTTP detection with reverse-proxy connecting via HTTPS Moderate
CVE-2019-12781 was published for Django (pip) Jul 3, 2019
Missing Encryption of Sensitive Data in yarn High
CVE-2019-5448 was published for yarn (npm) Jul 31, 2019
Exposure of Sensitive Information to an Unauthorized Actor in Apache Kafka High
CVE-2019-12399 was published for org.apache.kafka:kafka (Maven) May 12, 2020
Remote Code Execution and download tracking in Mintegral SDK Moderate
CVE-2020-7744 was published for com.mintegral.msdk:alphab (Maven) Apr 22, 2021
Pgsync Contains Cleartext Transmission of Sensitive Information High
CVE-2021-31671 was published for pgsync (RubyGems) Apr 27, 2021
Missing encryption in Apache Directory Studio High
CVE-2021-33900 was published for org.apache.directory.studio:org.apache.directory.studio.parent (Maven) Aug 9, 2021
Source code is downloaded over cleartext HTTP in portaudio Moderate
CVE-2016-10933 was published for portaudio (Rust) Aug 25, 2021
User passwords transmitted in plain text by Jenkins Active Directory Plugin Moderate
CVE-2022-23105 was published for org.jenkins-ci.plugins:active-directory (Maven) Jan 13, 2022
NotMyFault
"catalog's registry v2 api exposed on unauthenticated path in Harbor" Moderate
CVE-2020-29662 was published for github.com/goharbor/harbor (Go) Feb 12, 2022
Jenkins Pipeline: Groovy Plugin has Insufficiently Protected Credentials Moderate
CVE-2022-25180 was published for org.jenkins-ci.plugins.workflow:workflow-cps (Maven) Feb 16, 2022
ProTip! Advisories are also available from the GraphQL API