Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

95 advisories

Loading
Moderate severity vulnerability that affects org.apache.qpid:apache-qpid-broker-j Moderate
CVE-2018-1298 was published for org.apache.qpid:apache-qpid-broker-j (Maven) Oct 19, 2018
Moderate severity vulnerability that affects org.apache.struts:struts2-rest-plugin Moderate
CVE-2017-15707 was published for org.apache.struts:struts2-rest-plugin (Maven) Oct 16, 2018
Moderate severity vulnerability that affects org.apache.oozie:oozie-core Moderate
CVE-2018-11799 was published for org.apache.oozie:oozie-core (Maven) Dec 20, 2018
Man-in-the-middle attack in Apache Axis Moderate
CVE-2012-5784 was published for axis:axis (Maven) Oct 7, 2020
Directory traversal in development mode handler in Vaadin 14 and 15-17 Moderate
GHSA-82mf-mmh7-hxp5 was published for com.vaadin:vaadin-bom (Maven) Apr 19, 2021
Improper Input Validation in Mortbay Jetty Moderate
CVE-2006-2759 was published for org.mortbay.jetty:jetty (Maven) May 1, 2022
Improper Input Validation in Apache Axis2 Moderate
CVE-2012-5785 was published for org.apache.axis2:axis2 (Maven) May 17, 2022
Improper Input Validation in Apache Tomcat Moderate
CVE-2011-4858 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
Improper Input Validation in libpam4j Moderate
CVE-2017-12197 was published for org.kohsuke:libpam4j (Maven) May 13, 2022
Improper Input Validation in Apache Tomcat Moderate
CVE-2014-0033 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
XML External Entity Reference in RESTEasy Moderate
CVE-2014-7839 was published for org.jboss.resteasy:resteasy-jaxrs (Maven) May 17, 2022
Improper Input Validation in Apache Karaf Moderate
CVE-2014-0219 was published for org.apache.karaf:apache-karaf (Maven) May 14, 2022
Improper Input Validation in Apache Batik Moderate
CVE-2015-0250 was published for org.apache.xmlgraphics:batik (Maven) May 17, 2022
Improper Input Validation in Bouncy Castle Moderate
CVE-2013-1624 was published for org.bouncycastle:bcprov-jdk15on (Maven) May 14, 2022
Keycloak user may register themselves with same email ID of any existing user Moderate
CVE-2021-3754 was published for org.keycloak:keycloak-core (Maven) Aug 27, 2022
Improper Input Validation and Injection in Apache Log4j2 Moderate
CVE-2021-44832 was published for org.apache.logging.log4j:log4j-core (Maven) Jan 4, 2022
Proxy component of Apache Pulsar subject to abuse as Denial of Service endpoint Moderate
CVE-2022-24280 was published for org.apache.pulsar:pulsar (Maven) Sep 25, 2022
JBoss RichFaces Improper Input Validation vulnerability Moderate
CVE-2014-0086 was published for org.richfaces:richfaces (Maven) May 17, 2022
Code injection in Kubernetes Java Client Moderate
CVE-2021-25738 was published for io.kubernetes:client-java (Maven) Oct 12, 2021
Possible route enumeration in production mode via RouteNotFoundError view in Vaadin 10, 11-14, and 15-19 Moderate
CVE-2021-31412 was published for com.vaadin:vaadin-bom (Maven) Jun 28, 2021
Improper Input Validation in OpenSymphony XWork Moderate
CVE-2008-6504 was published for com.opensymphony:xwork (Maven) May 17, 2022
Improper Input Validation in Apache Archiva Moderate
CVE-2019-0214 was published for org.apache.archiva:archiva (Maven) May 14, 2019
Improper input validation in Apache Santuario XML Security for Java Moderate
CVE-2019-12400 was published for org.apache.santuario:xmlsec (Maven) Aug 27, 2019
Moderate severity vulnerability that affects com.fasterxml.jackson.datatype:jackson-datatype-jsr353 Moderate
CVE-2018-1000873 was published for com.fasterxml.jackson.datatype:jackson-datatype-jsr310 (Maven) Dec 21, 2018
Improper Input Validation in Hibernate Validator Moderate
CVE-2020-10693 was published for org.hibernate.validator:hibernate-validator (Maven) Jun 4, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database