Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

20,960 advisories

Loading
ChakraCore RCE Vulnerability High
CVE-2020-0712 was published for Microsoft.ChakraCore (NuGet) May 24, 2022
ChakraCore RCE Vulnerability High
CVE-2020-0711 was published for Microsoft.ChakraCore (NuGet) May 24, 2022
ChakraCore RCE Vulnerability High
CVE-2020-0710 was published for Microsoft.ChakraCore (NuGet) May 24, 2022
omniauth-weibo-oauth2 included a code-execution backdoor inserted by a third party Critical
CVE-2019-17268 was published for omniauth-weibo-oauth2 (RubyGems) May 24, 2022
Magento Path Traversal Moderate
CVE-2020-3717 was published for magento/community-edition (Composer) May 24, 2022
Magento deserialization vulnerability Critical
CVE-2020-3716 was published for magento/community-edition (Composer) May 24, 2022
Magento sql injection vulnerability High
CVE-2020-3719 was published for magento/community-edition (Composer) May 24, 2022
Magento stored cross-site scripting vulnerability Moderate
CVE-2020-3758 was published for magento/community-edition (Composer) May 24, 2022
Magento security bypass vulnerability Critical
CVE-2020-3718 was published for magento/community-edition (Composer) May 24, 2022
Magento stored cross-site scripting vulnerability Moderate
CVE-2020-3715 was published for magento/community-edition (Composer) May 24, 2022
Stored XSS vulnerability in Code Coverage API Plugin Moderate
CVE-2020-2106 was published for io.jenkins.plugins:code-coverage-api (Maven) May 24, 2022
NotMyFault
Jenkins REST APIs vulnerable to clickjacking Low
CVE-2020-2105 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
XXE vulnerability in Jenkins WebSphere Deployer Plugin High
CVE-2020-2108 was published for org.jenkins-ci.plugins:websphere-deployer (Maven) May 24, 2022
NotMyFault
Fortify Plugin stored credentials in plain text Moderate
CVE-2020-2107 was published for org.jenkins-ci.plugins:fortify (Maven) May 24, 2022
NotMyFault
Memory usage graphs accessible to anyone with Overall/Read Moderate
CVE-2020-2104 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
Jenkins Diagnostic page exposed session cookies Moderate
CVE-2020-2103 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
Jenkins vulnerable to UDP amplification reflection attack Moderate
CVE-2020-2100 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
Inbound TCP Agent Protocol/3 authentication bypass in Jenkins High
CVE-2020-2099 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
Non-constant time HMAC comparison Moderate
CVE-2020-2102 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
Non-constant time comparison of inbound TCP agent connection secret Moderate
CVE-2020-2101 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
Typo3 Cross-Site Scripting in Flash component (ELTS) Moderate
CVE-2020-8091 was published for typo3/cms (Composer) May 24, 2022
Dolibarr Improper Restriction of Excessive Authentication Attempts Critical
CVE-2020-7995 was published for dolibarr/dolibarr (Composer) May 24, 2022
Dolibarr cross-site scripting (XSS) vulnerability Moderate
CVE-2020-7994 was published for dolibarr/dolibarr (Composer) May 24, 2022
Zenario CMS vulnerable to CRLF injection Moderate
CVE-2015-3154 was published for zendframework/zend-http (Composer) May 24, 2022
ProTip! Advisories are also available from the GraphQL API