Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

8 advisories

Loading
Client TLS credentials sent raw to server in npm package nats Critical
GHSA-prmc-5v5w-c465 was published for nats (npm) Apr 6, 2021
Jenkins SSH Plugin user passwords for encrypted SSH keys stored in plaintext Critical
CVE-2017-1000245 was published for org.jenkins-ci.plugins:ssh (Maven) May 13, 2022
Account takeover in facturascripts Critical
CVE-2022-1715 was published for facturascripts/facturascripts (Composer) May 14, 2022
Potential leak of authentication data to 3rd parties Critical
CVE-2023-30846 was published for typed-rest-client (npm) Apr 27, 2023
yahavi JLLeitschuh
rpc.py vulnerable to Deserialization of Untrusted Data Critical
CVE-2022-35411 was published for rpc.py (pip) Jul 9, 2022
TeamPass Storing Passwords in a Recoverable Format vulnerability Critical
CVE-2019-1000001 was published for nilsteampassnet/teampass (Composer) May 13, 2022
SiCKRAGE Discloses Plaintext Credentials Critical
CVE-2018-9160 was published for sickrage (pip) May 13, 2022
Grafana plugin SDK Information Leakage Critical
CVE-2024-8986 was published for github.com/grafana/grafana-plugin-sdk-go (Go) Sep 19, 2024
ProTip! Advisories are also available from the GraphQL API