GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
159 advisories
Filter by severity
Cleartext Transmission of Sensitive Information in Apache CXF
Moderate
CVE-2014-0035
was published
for
org.apache.cxf:cxf-core
(Maven)
May 13, 2022
Improper Neutralization of Input During Web Page Generation in Apache CXF
Moderate
CVE-2016-6812
was published
for
org.apache.cxf:cxf-core
(Maven)
May 13, 2022
Improper Authentication in Apache CXF
Moderate
CVE-2012-5633
was published
for
org.apache.cxf:cxf
(Maven)
May 13, 2022
Cloud Foundry UAA Denial of Service through client token revocation endpoint
Moderate
CVE-2017-8031
was published
for
org.cloudfoundry.identity:cloudfoundry-identity-server
(Maven)
May 13, 2022
Pivotal Cloud Foundry UAA XSS on UAA OpenID Connect check session iframe endpoint
Moderate
CVE-2018-1190
was published
for
org.cloudfoundry.identity:cloudfoundry-identity-server
(Maven)
May 13, 2022
Improper Control of Generation of Code in Apache Camel
Moderate
CVE-2013-4330
was published
for
org.apache.camel:camel-core
(Maven)
May 13, 2022
ClassLoader manipulation in Apache Struts
Moderate
CVE-2014-0094
was published
for
org.apache.struts.xwork:xwork-core
(Maven)
May 14, 2022
Improper Limitation of a Pathname to a Restricted Directory in Spring Framework
Moderate
CVE-2014-3578
was published
for
org.springframework:spring-core
(Maven)
May 14, 2022
Improper Neutralization of Input During Web Page Generation Apache ActiveMQ
Moderate
CVE-2016-6810
was published
for
org.apache.activemq:activemq-client
(Maven)
May 14, 2022
Insufficient Verification of Data Authenticity in Apache Tomcat
Moderate
CVE-2017-7674
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat
Moderate
CVE-2015-5345
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Improper Input Validation in Apache Tomcat
Moderate
CVE-2014-0096
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Missing XML Validation in Apache Tomcat
Moderate
CVE-2014-0119
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Improper Neutralization of CRLF Sequences in HTTP Headers in Apache Tomcat
Moderate
CVE-2014-0099
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Integer Overflow or Wraparound in Apache Tomcat
Moderate
CVE-2014-0075
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Apache Tomcat Denial of Service vulnerability
Moderate
CVE-2013-4322
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
Moderate
CVE-2013-4590
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Apache Tomcat is vulnerable to HTTP request-smuggling
Moderate
CVE-2013-4286
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Improper Limitation of a Pathname to a Restricted Directory in Apache ActiveMQ
Moderate
CVE-2015-1830
was published
for
org.apache.activemq:activemq-client
(Maven)
May 14, 2022
Improper Neutralization of Input During Web Page Generation in Apache ActiveMQ
Moderate
CVE-2016-0734
was published
for
org.apache.activemq:activemq-client
(Maven)
May 14, 2022
Improper Neutralization of Input During Web Page Generation in Apache ActiveMQ
Moderate
CVE-2016-0782
was published
for
org.apache.activemq:activemq-client
(Maven)
May 14, 2022
Improper Neutralization of Input During Web Page Generation in Apache ActiveMQ
Moderate
CVE-2014-8110
was published
for
org.apache.activemq:activemq-client
(Maven)
May 14, 2022
Improper Neutralization of Input During Web Page Generation in Spring Framework
Moderate
CVE-2014-1904
was published
for
org.springframework:spring-webmvc
(Maven)
May 14, 2022
Authentication Bypass in Apache Tomcat
Moderate
CVE-2011-1184
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Improper Authentication in Apache Tomcat
Moderate
CVE-2011-5062
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API