GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

113 advisories

Improper Input Validation in Apache Tomcat Moderate
CVE-2014-0096 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
Credited to sunSUNQ
RubyGems Improper Input Validation vulnerability Moderate
CVE-2018-1000077 was published for org.jruby:jruby-stdlib (RubyGems) May 14, 2022
Improper Input Validation in libpam4j Moderate
CVE-2017-12197 was published for org.kohsuke:libpam4j (Maven) May 13, 2022
Improper Input Validation in Apache CXF Moderate
CVE-2014-0034 was published for org.apache.cxf:cxf-rt-ws-security (Maven) May 13, 2022
Credited to sunSUNQ
Improper Input Validation in Apache CXF Moderate
CVE-2017-12624 was published for org.apache.cxf:cxf-core (Maven) May 13, 2022
Credited to sunSUNQ
Improper Input Validation in Apache Santuario XML Security Moderate
CVE-2014-8152 was published for org.apache.santuario:xmlsec (Maven) May 13, 2022
Credited to MarkLee131
Improper Input Validation in Apache Santuario XML Security Moderate
CVE-2013-4517 was published for org.apache.santuario:xmlsec (Maven) May 13, 2022
Credited to MarkLee131
Jenkins Vulnerable to Denial of Service (DoS) via Crafted Payload Moderate
CVE-2013-0331 was published for org.jenkins-ci.main:jenkins-core (Maven) May 5, 2022
Apache Tomcat Denial of Service via Malformed Request Headers Moderate
CVE-2009-0033 was published for org.apache.tomcat:tomcat (Maven) May 2, 2022
OpenSymphony XWork vulnerable to improper input validation Moderate
CVE-2007-4556 was published for opensymphony:xwork (Maven) May 1, 2022
Improper Input Validation in Mortbay Jetty Moderate
CVE-2006-2759 was published for org.mortbay.jetty:jetty (Maven) May 1, 2022
Spoofing attack in swagger-ui Moderate
CVE-2018-25031 was published for org.webjars:swagger-ui (Maven) Mar 12, 2022
Credited to AndrzejBiernacki2010
Improper Input Validation and Allocation of Resources Without Limits or Throttling in poi-scratchpad Moderate
CVE-2022-26336 was published for org.apache.poi:poi-scratchpad (Maven) Mar 5, 2022
Credited to SunBK201
Improper Input Validation in Xerces Moderate
CVE-2020-14338 was published for xerces:xercesImpl (Maven) Feb 15, 2022
Credited to mcr-paulanand
Improper Input Validation in Apache Solr Moderate
CVE-2020-13941 was published for org.apache.solr:solr-parent (Maven) Feb 10, 2022
Improper Input Validation in Apache Pulsar Moderate
CVE-2021-41571 was published for org.apache.pulsar:pulsar (Maven) Feb 2, 2022
Improper Input Validation and Injection in Apache Log4j2 Moderate
CVE-2021-44832 was published for org.apache.logging.log4j:log4j-core (Maven) Jan 4, 2022
Credited to ppkarwasz
Denial of service in DataCommunicator class in Vaadin 8 Moderate
CVE-2021-33609 was published for com.vaadin:vaadin-server (Maven) Oct 13, 2021
Credited to SunBK201
Code injection in Kubernetes Java Client Moderate
CVE-2021-25738 was published for io.kubernetes:client-java (Maven) Oct 12, 2021
Improper Input Validation in Jakarta Expression Language Moderate
CVE-2021-28170 was published for com.sun.el:el-ri (Maven) Oct 6, 2021
Credited to levpachmanov
Possible route enumeration in production mode via RouteNotFoundError view in Vaadin 10, 11-14, and 15-19 Moderate
CVE-2021-31412 was published for com.vaadin:vaadin-bom (Maven) Jun 28, 2021
Improper Input Validation in Hibernate Validator Moderate
CVE-2020-10693 was published for org.hibernate.validator:hibernate-validator (Maven) Jun 4, 2021
Path Traversal and Improper Input Validation in Apache Commons IO Moderate
CVE-2021-29425 was published for com.cosium.vet:vet (Maven) Apr 26, 2021
Credited to wtwhite and jensdietrich
Directory traversal in development mode handler in Vaadin 14 and 15-17 Moderate
CVE-2020-36321 was published for com.vaadin:flow-server (Maven) Apr 19, 2021
Directory traversal in development mode handler in Vaadin 14 and 15-17 Moderate
GHSA-82mf-mmh7-hxp5 was published for com.vaadin:vaadin-bom (Maven) Apr 19, 2021