GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
16 advisories
Filter by severity
Apache InLong vulnerable to Incorrect Permission Assignment for Critical Resource
High
CVE-2023-31454
was published
for
org.apache.inlong:manager-service
(Maven)
Jul 6, 2023
Apache InLong Incorrect Permission Assignment for Critical Resource Vulnerability
High
CVE-2023-31453
was published
for
org.apache.inlong:manager-service
(Maven)
Jul 6, 2023
Apache Tomcat vulnerable to information leak
High
CVE-2023-34981
was published
for
org.apache.tomcat.embed:tomcat-embed-core
(Maven)
Jun 21, 2023
Insecure Temporary File in HuTool
High
CVE-2023-33695
was published
for
cn.hutool:hutool-core
(Maven)
Jun 13, 2023
Jenkins SAML Single Sign On(SSO) Plugin missing permission checks
High
CVE-2023-32992
was published
for
io.jenkins.plugins:miniorange-saml-sp
(Maven)
May 16, 2023
Jenkins File Parameter Plugin arbitrary file write vulnerability
High
CVE-2023-32986
was published
for
io.jenkins.plugins:file-parameters
(Maven)
May 16, 2023
Apache Ranger Hive Plugin missing permissions check
High
CVE-2021-40331
was published
for
org.apache.ranger:ranger-hive-plugin
(Maven)
May 5, 2023
Insecure Permissions issue in jeecg-boot
High
CVE-2021-37305
was published
for
org.jeecgframework.boot:jeecg-boot-base
(Maven)
Feb 3, 2023
Insecure Permissions issue in jeecg-boot
High
CVE-2021-37306
was published
for
org.jeecgframework.boot:jeecg-boot-base
(Maven)
Feb 3, 2023
Insecure Permissions issue in jeecg-boot
High
CVE-2021-37304
was published
for
org.jeecgframework.boot:jeecg-boot-base
(Maven)
Feb 3, 2023
Apache ShenYu Admin has insecure permissions
High
CVE-2022-37435
was published
for
org.apache.shenyu:shenyu-common
(Maven)
Sep 2, 2022
Arbitrary code execution vulnerability in Jenkins Speaks! Plugin
High
CVE-2017-1000403
was published
for
org.jvnet.hudson.plugins:speaks
(Maven)
May 13, 2022
Arbitrary code execution due to incomplete sandbox protection in Jenkins Pipeline
High
CVE-2017-1000096
was published
for
org.jenkins-ci.plugins.workflow:workflow-cps
(Maven)
May 13, 2022
Improper privilege handling in Apache Accumulo
High
CVE-2020-17533
was published
for
org.apache.accumulo:accumulo-master
(Maven)
Feb 9, 2022
Code injection in Apache Druid
High
CVE-2021-25646
was published
for
org.apache.druid:druid
(Maven)
Jun 16, 2021
High severity vulnerability that affects org.scala-lang:scala-compiler
High
CVE-2017-15288
was published
for
org.scala-lang:scala-compiler
(Maven)
Oct 19, 2018
ProTip!
Advisories are also available from the
GraphQL API