Browse Security Advisories
Low Security Advisories for org.apache.hive:hive-exec Clear Filters
Low
over 3 years ago
Jenkins hyper.sh Commons Plugin stores credentials in plain text
maven
sh.hyper.plugins:hyper-commons
Low
over 3 years ago
Jenkins PRQA Plugin stored password in plain text
maven
com.programmingresearch:prqa-plugin
Low
over 3 years ago
Jenkins Repository Connector Plugin has insufficiently protected credentials
maven
org.jenkins-ci.plugins:repository-connector
Low
over 3 years ago
Jenkins youtrack-plugin Plugin stored credentials in plain text
maven
org.jenkins-ci.plugins:youtrack-plugin
Low
over 3 years ago
Jenkins Jabber Server Plugin stores credentials in plain text
maven
de.e-nexus:jabber-server-plugin
Low
over 3 years ago
Jenkins Minio Storage Plugin stores credentials in plain text
maven
org.jenkins-ci.plugins:minio-storage
Low
over 3 years ago
Jenkins CloudCoreo DeployTime Plugin stores credentials in plain text
maven
com.cloudcoreo.plugins:cloudcoreo-deploytime
Low
over 3 years ago
Jenkins Sametime Plugin stores credentials in plain text
maven
org.jenkins-ci.plugins:sametime
Low
over 3 years ago
Jenkins Koji Plugin stores credentials in plain text
maven
org.jenkins-ci.plugins:koji
Low
over 3 years ago
Jenkins Netsparker Enterprise Scan Plugin stored credentials in plain text
maven
org.jenkins-ci.plugins:netsparker-cloud-scan
Low
over 3 years ago
Jenkins Serena SRA Deploy Plugin stores credentials in plain text
maven
com.urbancode.ds.jenkins.plugins:sra-deploy
Low
over 3 years ago
Jenkins Relution Enterprise Appstore Publisher Plugin stores credentials in plain text
maven
org.jenkins-ci.plugins:relution-publisher
Low
over 3 years ago
Moodle Multiple cross-site scripting (XSS) vulnerabilities in the File Picker module
packagist
moodle/moodle
Low
over 3 years ago
Moodle's login_as feature leaks information from external repositories
packagist
moodle/moodle
Low
over 3 years ago
Moodle allows attackers to bypass intended login restrictions
packagist
moodle/moodle
Low
over 3 years ago
Moodle allows attackers to upload files containing JavaScript
packagist
moodle/moodle
Low
over 3 years ago
Moodle multiple cross-site scripting (XSS) vulnerabilities
packagist
moodle/moodle
Low
over 3 years ago
ActiveMQ's OpenWire protocol exposes certain system details as plain text
maven
org.apache.activemq:activemq-parent, org.apache.activemq:activemq-openwire-generator
Low
over 3 years ago
OpenStack Dashboard (Horizon) Cross-site scripting (XSS) vulnerability in the Host Aggregates interface
pypi
horizon
Low
over 3 years ago
Cloud Foundry Runtime has Weak Password Recovery Mechanism for Forgotten Password
maven
org.cloudfoundry.identity:cloudfoundry-identity-server
Low
over 3 years ago
Incorrect Default Permissions in Apache Commons FileUpload
maven
commons-fileupload:commons-fileupload
Low
over 3 years ago
ruby_parser allows local users to overwrite arbitrary files via symlink attack on temporary file with predictable name
rubygems
ruby_parser
Low
over 3 years ago
Jenkins allows attackers to obtain the master cryptographic key
maven
org.jenkins-ci.main:jenkins-core
Low
over 3 years ago
Jenkins allows Cross-Site Scripting (XSS)
maven
org.jenkins-ci.main:jenkins-core
Low
over 3 years ago
Jenkins allows Cross-Site Scripting (XSS)
maven
org.jenkins-ci.main:jenkins-core
Low
over 3 years ago
Cross-site scripting in Apache ActiveMQ
maven
org.apache.activemq:activemq-parent
Low
over 3 years ago
Commerce extension for TYPO3 vulnerable to Cross-site Scripting
packagist
commerceteam/commerce
Low
over 3 years ago
TYPO3 Direct Mail Extension Vulnerable to Cross-Site Scripting (XSS)
packagist
directmailteam/direct-mail
Low
over 3 years ago
Apache Tomcat information disclosure vulnerability
maven
org.apache.tomcat:tomcat
Low
over 3 years ago
Alkacon OpenCMS XSS via searchfilter parameter in system/workplace/admin/workplace/sessions.jsp
maven
org.opencms:opencms-core
Low
over 3 years ago
Alkacon OpenCMS XSS via searchfilter or listSearchFilter parameter
maven
org.opencms:opencms-core
Low
over 3 years ago
Alkacon Open CMS XSS via Logfile Viewer Settings function
maven
org.opencms:opencms-core
Low
over 3 years ago
Alkacon OpenCMS XSS via file tree navigation in system/workplace/views/explorer/tree_files.jsp
maven
org.opencms:opencms-core
Low
over 3 years ago
Apache Tomcat vulnerable to Cross-site Scripting
maven
org.apache.tomcat:tomcat
Low
over 3 years ago
Alkacon OpenCms XSS via unsanitized message body
maven
org.opencms:opencms-core
Low
over 3 years ago
Alkacon OpenCms XSS via query parameter in a search action
maven
org.opencms:opencms-core
Low
over 3 years ago
Apache Tomcat Default Installation Reveals Sensitive Information
maven
org.apache.tomcat:tomcat
Low
over 3 years ago
Keycloak is vulnerable to IDN homograph attack
maven
org.keycloak:keycloak-services
Low
over 3 years ago
OIDC Logout redirect in keycloak
maven
org.keycloak:keycloak-oidc-client-adapter-pom
Low
over 3 years ago
Exposure of Resource to Wrong Sphere in Simple-Wayland-HotKey-Daemon
cargo
Simple-Wayland-HotKey-Daemon
Low
over 3 years ago
Renderers can obtain access to random bluetooth device without permission in Electron
npm
electron
Low
over 3 years ago
Sensitive parameter values captured in build metadata files by Jenkins Parameterized Trigger Plugin
maven
org.jenkins-ci.plugins:parameterized-trigger
Low
over 3 years ago
Client Secret stored in plain text by Jenkins GitLab Authentication Plugin
maven
org.jenkins-ci.plugins:gitlab-oauth
Low
over 3 years ago
Inconsistent storage layout for ERC2771ContextUpgradeable
npm
@openzeppelin/contracts-upgradeable
Low
over 3 years ago
Shopware user session is not logged out if the password is reset via password recovery
packagist
shopware/core, shopware/platform
Low
over 3 years ago
Forwarding of confidentials headers to third parties in fluture-node
npm
fluture-node
Low
over 3 years ago
Agent-to-controller security bypass in Jenkins HashiCorp Vault Plugin
maven
com.datapipe.jenkins.plugins:hashicorp-vault-plugin
Low
over 3 years ago
Improper Synchronization in Jenkins Convertigo Mobile Platform Plugin
maven
com.convertigo.jenkins.plugins:convertigo-mobile-platform
Low
over 3 years ago
Path traversal in github.com/cloudflare/cfrpki/cmd/octorpki
go
github.com/cloudflare/cfrpki
Low
over 3 years ago
gobase subject to Incorrect routing of some HTTP requests when using httpauth due to a race condition
go
github.com/ntbosscher/gobase
Low
over 3 years ago
personnummer/go vulnerable to Improper Input Validation
go
github.com/personnummer/go
Low
over 3 years ago
In-band key negotiation issue in AWS S3 Crypto SDK for golang
go
github.com/aws/aws-sdk-go
Low
over 3 years ago
Harbor is vulnerable to a limited Server-Side Request Forgery (SSRF) (CVE-2020-13788)
go
github.com/goharbor/harbor
Low
over 3 years ago
Chrono has potential segfault issue in SPIFFE authenticator
cargo
parsec-service
Low
over 3 years ago
Exposure of Resource to Wrong Sphere and Insecure Temporary File in Ansible
pypi
ansible
Low
over 3 years ago
Generation of Error Message Containing Sensitive Information in Keycloak
maven
org.keycloak:keycloak-parent
Filter by Severity
Filter by Ecosystem
pypi
518
maven
361
packagist
319
go
236
npm
231
nuget
119
cargo
109
rubygems
59
hex
6
actions
3
swift
2
pub
2
Filter by Package
tensorflow
105
tensorflow-cpu
103
tensorflow-gpu
98
moodle/moodle
34
github.com/mattermost/mattermost/server/v8
33
org.jenkins-ci.main:jenkins-core
19
concrete5/concrete5
16
magento/community-edition
14
typo3/cms
13
shopware/platform
13
phpmyadmin/phpmyadmin
13
vyper
12
shopware/core
11
org.opencms:opencms-core
11
github.com/mattermost/mattermost-server
10
ethyca-fides
9
org.apache.tomcat:tomcat
9
silverstripe/framework
8
wasmtime
8
magento/project-community-edition
8
nova
8
Umbraco.CMS
7
typo3/cms-core
7
undici
7
puppet
6
k8s.io/kubernetes
6
github.com/cilium/cilium
6
next
5
Magick.NET-Q16-OpenMP-x64
5
Magick.NET-Q16-OpenMP-arm64
5
Magick.NET-Q8-OpenMP-arm64
5
ansible
5
Magick.NET-Q16-HDRI-x64
5
Magick.NET-Q8-x64
5
sweetalert2
5
elliptic
5
Magick.NET-Q16-HDRI-arm64
5
Magick.NET-Q16-HDRI-OpenMP-x64
5
rack
5
baserproject/basercms
5
Magick.NET-Q16-x64
5
actionpack
5
Magick.NET-Q16-arm64
5
rails-html-sanitizer
5
org.keycloak:keycloak-services
5
Magick.NET-Q16-HDRI-OpenMP-arm64
5
october/backend
5
Magick.NET-Q8-arm64
5
Magick.NET-Q8-OpenMP-x64
5
symfony/symfony
4
github.com/mattermost/mattermost-server/v6
4
github.com/hashicorp/vault
4
helm.sh/helm/v3
4
Magick.NET-Q8-AnyCPU
4
Magick.NET-Q16-x86
4
github.com/authzed/spicedb
4
Magick.NET-Q8-x86
4
cryptography
4
Magick.NET-Q16-AnyCPU
4
Magick.NET-Q16-HDRI-x86
4
com.vaadin:flow-server
4
helm.sh/helm
4
microweber/microweber
4
vantage6
4
Magick.NET-Q16-HDRI-AnyCPU
4
zenml
4
shopware/shopware
4
electron
4
simplesamlphp/simplesamlphp
4
@openzeppelin/contracts-upgradeable
3
github.com/canonical/lxd
3
org.graylog2:graylog2-server
3
go.etcd.io/etcd/v3
3
bin-links
3
keystone
3
ckb
3
librenms/librenms
3
github.com/cosmos/cosmos-sdk
3
october/system
3
risc0-zkvm
3
nokogiri
3
angular
3
aiohttp
3
aws-cdk-lib
3
langchain
3
apache-airflow
3
org.apache.hive:hive-service
3
sudo-rs
3
passenger
3
django
3
org.apache.hive:hive
3
mattermost-desktop
3
gradio
3
nautobot
3
matrix-synapse
3
surrealdb
3
github.com/docker/docker
3
directus
3
com.vaadin:vaadin-bom
3
twig/twig
3
github.com/grafana/grafana
3
typo3/cms-install
3
node-forge
3
typo3/cms-backend
3
typo3/cms-frontend
2
@openzeppelin/contracts
2
juzaweb/cms
2
Umbraco.Forms
2
parse-server
2
OctoPrint
2
weblate
2
github.com/nats-io/nats-server/v2
2
node-ipc
2
org.apache.tomcat:tomcat-catalina
2
joomla/joomla-cms
2
go.etcd.io/etcd/client/v3
2
org.apache.hive:hive-exec
2
drupal/drupal
2
github.com/ntbosscher/gobase
2
wagtail
2
tokio
2
drupal/core
2
express
2
s2n-quic
2
Zope
2
com.xuxueli:xxl-sso
2
org.jenkins-ci.plugins:ghprb
2
agnai
2
org.jenkins-ci.plugins:repository-connector
2
tribalsystems/zenario
2
org.apache.hadoop:hadoop-common
2
@keystone-6/core
2
freewvs
2
guarddog
2
@apollo/server
2
github.com/containerd/containerd
2
org.jenkins-ci.plugins:wso2id-oauth
2
sylius/sylius
2
october/cms
2
risc0-circuit-rv32im
2
grumpydictator/firefly-iii
2
vllm
2
github.com/hashicorp/nomad
2
gilacms/gila
2
braces
2
com.ruoyi:ruoyi
2
com.inedo.proget:inedo-proget
2
winter/wn-backend-module
2
horizon
2
symfony/security-http
2
org.jenkins-ci.plugins:artifactory
2
ezsystems/ezplatform-kernel
2
github.com/Ackites/KillWxapkg
2
mautic/core
2
org.bouncycastle:bc-fips
2
fiora
2
hackney
2
dolibarr/dolibarr
2
ceph-deploy
2
org.eclipse.jetty:jetty-server
2
glance
2
vaultwarden
2
Nova
2
org.keycloak:keycloak-ldap-federation
2
matrix-appservice-irc
2
vite
2
craftcms/cms
2
org.jenkins-ci.plugins:mercurial
2
com.xuxueli:xxl-job-core
2
sequoia-openpgp
2
yeswiki/yeswiki
2
github.com/answerdev/answer
2
Weblate
2
python-keystoneclient
2
s2n-tls
2
tuf
2
plone
2
org.jenkins-ci.plugins:azure-ad
2
github.com/mutagen-io/mutagen
2
org.apache.activemq:activemq-parent
2
vantage6-server
2
cargo
2
@lodestar/reqresp
2
@sveltejs/kit
2
github.com/cometbft/cometbft
2
github.com/apache/incubator-answer
2
Flask-Security-Too
2
tools.devnull:build-notifications
2
ezsystems/ezpublish-kernel
2
org.eclipse.jetty:jetty-servlets
2
serve-static
2
salt
2
statamic/cms
2
github.com/authelia/authelia/v4
2
github.com/opencontainers/runc
2
@eslint/plugin-kit
2
org.jenkins-ci.plugins:bigpanda-jenkins
2
shescape
2
github.com/goharbor/harbor
2
github.com/1Panel-dev/1Panel
2
Filter by Repository
https://github.com/tensorflow/tensorflow
105
https://github.com/moodle/moodle
19
https://github.com/concretecms/concretecms
14
https://github.com/vyperlang/vyper
12
https://github.com/TYPO3/typo3
12
https://github.com/shopware/platform
12
https://github.com/mattermost/mattermost
12
https://github.com/octobercms/october
10
https://github.com/openstack/nova
10
https://github.com/ethyca/fides
9
https://github.com/alkacon/opencms-core
9
https://github.com/etcd-io/etcd
8
https://github.com/umbraco/Umbraco-CMS
8
https://github.com/VulnSageAgent/PoCs
8
https://github.com/keycloak/keycloak
8
https://github.com/jenkinsci/jenkins
8
https://github.com/bytecodealliance/wasmtime
8
https://github.com/eclipse/jetty.project
7
https://github.com/xwiki/xwiki-platform
7
https://github.com/symfony/symfony
7
https://github.com/phpmyadmin/phpmyadmin
7
https://github.com/nodejs/undici
7
https://github.com/kubernetes/kubernetes
7
https://github.com/rails/rails
6
https://github.com/ansible/ansible
6
https://github.com/apache/airflow
6
https://github.com/apache/tomcat
6
https://github.com/cilium/cilium
6
https://github.com/vantage6/vantage6
6
https://github.com/liferay/liferay-portal
6
https://github.com/baserproject/basercms
5
https://github.com/silverstripe/silverstripe-framework
5
https://github.com/ImageMagick/ImageMagick
5
https://github.com/puppetlabs/puppet
5
https://github.com/vercel/next.js
5
https://github.com/helm/helm
5
https://github.com/rack/rack
5
https://github.com/rails/rails-html-sanitizer
5
https://github.com/sweetalert2/sweetalert2
5
https://github.com/indutny/elliptic
5
https://github.com/shopware/shopware
5
https://github.com/electron/electron
4
https://github.com/WeblateOrg/weblate
4
https://github.com/vaadin/platform
4
https://github.com/wintercms/winter
4
https://github.com/authzed/spicedb
4
https://github.com/simplesamlphp/simplesamlphp
4
https://github.com/pyca/cryptography
4
https://github.com/risc0/risc0
3
https://github.com/nautobot/nautobot
3
https://github.com/matrix-org/synapse
3
https://github.com/Graylog2/graylog2-server
3
https://github.com/surrealdb/surrealdb
3
https://github.com/cometbft/cometbft
3
https://github.com/openstack/keystone
3
https://gitlab.com/sequoia-pgp/sequoia
3
https://github.com/digitalbazaar/forge
3
https://github.com/aio-libs/aiohttp
3
https://github.com/cosmos/cosmos-sdk
3
https://github.com/aws/aws-cdk
3
https://github.com/zenml-io/zenml
3
https://github.com/bcgit/bc-java
3
https://github.com/twigphp/Twig
3
https://github.com/librenms/librenms
3
https://github.com/django/django
3
https://github.com/phusion/passenger
3
https://sourceforge.net/projects/phpmyadmin.sourceforge.net
3
https://github.com/canonical/lxd
3
https://github.com/directus/directus
3
https://github.com/sparklemotion/nokogiri
3
https://github.com/nervosnetwork/ckb
3
https://github.com/Byron/gitoxide
3
https://github.com/CVEProject/cvelist
3
https://github.com/vaadin/flow
3
https://github.com/moby/moby
3
https://github.com/openstack/horizon
2
https://github.com/sigstore/cosign
2
https://github.com/vitejs/vite
2
https://github.com/parse-community/parse-server
2
https://github.com/Cyber-Wo0dy/report
2
https://github.com/sveltejs/kit
2
https://github.com/ChainSafe/lodestar
2
https://github.com/xuxueli/xxl-job
2
https://github.com/theupdateframework/python-tuf
2
https://github.com/wagtail/wagtail
2
https://github.com/Leantime/leantime
2
https://github.com/jenkinsci/ec2-plugin
2
https://github.com/apache/kylin
2
https://github.com/OpenZeppelin/openzeppelin-contracts
2
https://github.com/hashicorp/nomad
2
https://github.com/huggingface/transformers
2
https://github.com/trifectatechfoundation/sudo-rs
2
https://github.com/craftcms/cms
2
https://github.com/Upsonic/Upsonic
2
https://github.com/micromatch/braces
2
https://github.com/aws/s2n-tls
2
https://github.com/umbraco/Umbraco.Forms.Issues
2
https://github.com/AcademySoftwareFoundation/MaterialX
2
https://github.com/benoitc/hackney
2
https://github.com/dpgaspar/Flask-AppBuilder
2
https://github.com/ezsystems/ezplatform-kernel
2
https://github.com/saltstack/salt
2
https://github.com/YesWiki/yeswiki
2
https://github.com/octoprint/octoprint
2
https://github.com/1Panel-dev/1Panel
2
https://github.com/quarkusio/quarkus
2
https://github.com/firefly-iii/firefly-iii
2
https://github.com/ShenxiuSec/cve-proofs
2
https://github.com/statamic/cms
2
https://github.com/expressjs/express
2
https://github.com/traefik/traefik
2
https://github.com/dbt-labs/dbt-core
2
https://github.com/schokokeksorg/freewvs
2
https://github.com/ceph/ceph-deploy
2
https://github.com/DataDog/guarddog
2
https://github.com/dfns/cggmp21
2
https://github.com/ntbosscher/gobase
2
https://github.com/gradio-app/gradio
2
https://github.com/opencontainers/runc
2
https://github.com/ericcornelissen/shescape
2
https://github.com/opencontainers/distribution-spec
2
https://github.com/rust-lang/cargo
2
https://github.com/zopefoundation/Zope
2
https://github.com/powsybl/powsybl-core
2
https://github.com/apache/activemq
2
https://github.com/nextauthjs/next-auth
2
https://github.com/Alexhuszagh/rust-lexical
2
https://github.com/langchain-ai/langchain
2
https://github.com/mutagen-io/mutagen
2
https://github.com/containers/podman
2
https://github.com/nats-io/nats-server
2
https://github.com/mautic/mautic
2
https://github.com/eslint/rewrite
2
https://github.com/Flask-Middleware/flask-security
2
https://github.com/containerd/containerd
2
https://github.com/keystonejs/keystone
2
https://github.com/Sylius/Sylius
2
https://github.com/expressjs/serve-static
2
https://github.com/opencast/opencast
2
https://github.com/RIAEvangelist/node-ipc
2
https://github.com/Exiv2/exiv2
2
https://github.com/agnaistic/agnai
2
https://github.com/Dolibarr/dolibarr
2
https://github.com/goharbor/harbor
2
https://github.com/apollographql/apollo-server
2
https://github.com/tokio-rs/tokio
2
https://github.com/microweber/microweber
2
https://github.com/aws/s2n-quic
2
https://github.com/vllm-project/vllm
2
https://github.com/apache/druid
2
https://github.com/GilaCMS/gila
2
https://github.com/matrix-org/matrix-appservice-irc
2
https://github.com/authelia/authelia
2
https://github.com/Ackites/KillWxapkg
2
https://github.com/answerdev/answer
2
https://github.com/dani-garcia/vaultwarden
2
https://github.com/dnnsoftware/Dnn.Platform
2
https://github.com/apache/ranger
1
https://github.com/moment/moment-timezone
1
https://github.com/topgrade-rs/topgrade
1
https://github.com/gsemac/Gsemac.Common
1
https://github.com/tendermint/tendermint
1
https://github.com/parallaxsecond/parsec
1
https://github.com/jenkinsci/ssh-agent-plugin
1
https://github.com/veraPDF/veraPDF-library
1
https://github.com/runatlantis/atlantis
1
https://github.com/personnummer/java
1
https://github.com/jenkinsci/parameterized-trigger-plugin
1
https://github.com/rust-ammonia/ammonia
1
https://github.com/bytecodealliance/cap-std
1
https://github.com/risc0/risc0-ethereum
1
https://github.com/step-security/harden-runner
1
https://github.com/petergoldstein/dalli
1
https://github.com/syncthing/syncthing
1
https://github.com/rust-x-bindings/rust-xcb
1
https://github.com/apache/incubator-seata
1
https://github.com/jenkinsci/aws-device-farm-plugin
1
https://github.com/apache/maven-archetype
1
https://github.com/C2FO/fast-csv
1
https://github.com/aws/aws-dynamodb-encryption-python
1
https://github.com/maboroshinokiseki/scsir
1
https://gitlab.com/gitlab-org/cves
1
https://github.com/personnummer/rust
1
https://github.com/FirebaseExtended/firepad
1
https://github.com/geyang/ml-logger
1
https://github.com/auth0/lock
1
https://github.com/ipython/ipython
1
https://github.com/Unitech/pm2
1
https://github.com/pterodactyl/panel
1
https://github.com/artifacthub/hub
1
https://github.com/sbt/sbt
1
https://github.com/Icinga/ipl-web
1
https://github.com/apache/nifi
1
https://github.com/alphagov/tech-docs-gem
1
https://github.com/erelsgl/limdu
1
https://github.com/cloudflare/tableflip
1
https://github.com/sjwall/mdx-mermaid
1
https://github.com/joomla/joomla-cms
1
https://github.com/personnummer/js
1