Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

16 advisories

Loading
Apache InLong vulnerable to Incorrect Permission Assignment for Critical Resource High
CVE-2023-31454 was published for org.apache.inlong:manager-service (Maven) Jul 6, 2023
Apache InLong Incorrect Permission Assignment for Critical Resource Vulnerability High
CVE-2023-31453 was published for org.apache.inlong:manager-service (Maven) Jul 6, 2023
Apache Tomcat vulnerable to information leak High
CVE-2023-34981 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Jun 21, 2023
sunSUNQ westonsteimel
Insecure Temporary File in HuTool High
CVE-2023-33695 was published for cn.hutool:hutool-core (Maven) Jun 13, 2023
Jenkins SAML Single Sign On(SSO) Plugin missing permission checks High
CVE-2023-32992 was published for io.jenkins.plugins:miniorange-saml-sp (Maven) May 16, 2023
Jenkins File Parameter Plugin arbitrary file write vulnerability High
CVE-2023-32986 was published for io.jenkins.plugins:file-parameters (Maven) May 16, 2023
Apache Ranger Hive Plugin missing permissions check High
CVE-2021-40331 was published for org.apache.ranger:ranger-hive-plugin (Maven) May 5, 2023
Insecure Permissions issue in jeecg-boot High
CVE-2021-37305 was published for org.jeecgframework.boot:jeecg-boot-base (Maven) Feb 3, 2023
Insecure Permissions issue in jeecg-boot High
CVE-2021-37306 was published for org.jeecgframework.boot:jeecg-boot-base (Maven) Feb 3, 2023
Insecure Permissions issue in jeecg-boot High
CVE-2021-37304 was published for org.jeecgframework.boot:jeecg-boot-base (Maven) Feb 3, 2023
Apache ShenYu Admin has insecure permissions High
CVE-2022-37435 was published for org.apache.shenyu:shenyu-common (Maven) Sep 2, 2022
Arbitrary code execution vulnerability in Jenkins Speaks! Plugin High
CVE-2017-1000403 was published for org.jvnet.hudson.plugins:speaks (Maven) May 13, 2022
Arbitrary code execution due to incomplete sandbox protection in Jenkins Pipeline High
CVE-2017-1000096 was published for org.jenkins-ci.plugins.workflow:workflow-cps (Maven) May 13, 2022
Improper privilege handling in Apache Accumulo High
CVE-2020-17533 was published for org.apache.accumulo:accumulo-master (Maven) Feb 9, 2022
Code injection in Apache Druid High
CVE-2021-25646 was published for org.apache.druid:druid (Maven) Jun 16, 2021
High severity vulnerability that affects org.scala-lang:scala-compiler High
CVE-2017-15288 was published for org.scala-lang:scala-compiler (Maven) Oct 19, 2018
ProTip! Advisories are also available from the GraphQL API