GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
61
GitHub Actions
50
Go
3,821
Maven
5,000+
npm
5,000+
NuGet
939
pip
5,000+
Pub
13
RubyGems
1,059
Rust
1,357
Swift
54
Unreviewed advisories
All unreviewed
5,000+
158,248 advisories
Filter by severity
Moderate severity vulnerability that affects org.apache.ignite:ignite-core
Moderate
CVE-2016-6805
was published
for
org.apache.ignite:ignite-core
(Maven)
Oct 16, 2018
Moderate severity vulnerability that affects rack-mini-profiler
Moderate
GHSA-995j-587r-259w
was published
for
rack-mini-profiler
(RubyGems)
Aug 13, 2018
•
withdrawn
Moderate severity vulnerability that affects org.keycloak:keycloak-core
Moderate
CVE-2017-12161
was published
for
org.keycloak:keycloak-core
(Maven)
Oct 18, 2018
Moderate severity vulnerability that affects org.apache.hadoop:hadoop-main
Moderate
CVE-2017-3166
was published
for
org.apache.hadoop:hadoop-main
(Maven)
Dec 21, 2018
Moderate severity vulnerability that affects org.apache.ranger:ranger
Moderate
CVE-2017-7677
was published
for
org.apache.ranger:ranger
(Maven)
Oct 17, 2018
Sensitive Data Exposure in parse-server
Moderate
CVE-2019-1020013
was published
for
parse-server
(npm)
Jul 11, 2019
Moderate severity vulnerability that affects com.puppycrawl.tools:checkstyle
Moderate
CVE-2019-9658
was published
for
com.puppycrawl.tools:checkstyle
(Maven)
Mar 14, 2019
VBScript Content Injection in marked
Moderate
CVE-2015-1370
was published
for
marked
(npm)
Oct 24, 2017
Moderate severity vulnerability that affects org.apache.karaf:apache-karaf
Moderate
CVE-2016-8750
was published
for
org.apache.karaf:apache-karaf
(Maven)
Jan 7, 2019
Moderate severity vulnerability that affects marked
Moderate
CVE-2017-17461
was published
for
marked
(npm)
Jan 4, 2018
•
withdrawn
Cross-Site Scripting in morris.js
Moderate
CVE-2017-16022
was published
for
morris.js
(npm)
Nov 9, 2018
OPC UA applications can allow a remote attacker to determine a Server's private key
Moderate
CVE-2018-7559
was published
for
OPCFoundation.NetStandard.Opc.Ua
(NuGet)
Oct 16, 2018
Cross-Site Scripting in serialize-javascript
Moderate
CVE-2019-16769
was published
for
serialize-javascript
(npm)
Dec 5, 2019
Moderate severity vulnerability that affects org.apache.hive:hive-jdbc
Moderate
CVE-2018-1314
was published
for
org.apache.hive:hive-jdbc
(Maven)
Nov 21, 2018
Moderate severity vulnerability that affects org.apache.karaf:apache-karaf and org.apache.karaf:karaf
Moderate
CVE-2019-0191
was published
for
org.apache.karaf:apache-karaf
(Maven)
Mar 25, 2019
Hijacked Environment Variables in proxy.js
Moderate
CVE-2017-16076
was published
for
proxy.js
(npm)
Aug 29, 2018
Moderate severity vulnerability that affects rack
Moderate
GHSA-9vc2-p34x-jhxh
was published
for
rack
(RubyGems)
Sep 17, 2018
•
withdrawn
Moderate severity vulnerability that affects DotNetNuke.Core
Moderate
CVE-2015-1566
was published
for
DotNetNuke.Core
(NuGet)
Oct 16, 2018
Moderate severity vulnerability that affects org.apache.mesos:mesos
Moderate
CVE-2018-8023
was published
for
org.apache.mesos:mesos
(Maven)
Oct 17, 2018
Incorrect handling of CORS preflight request headers in hapi
Moderate
CVE-2015-9236
was published
for
hapi
(npm)
Jun 7, 2018
Cross-Site Scripting in @risingstack/protect
Moderate
CVE-2018-1000160
was published
for
@risingstack/protect
(npm)
Apr 25, 2018
Moderate severity vulnerability that affects org.apache.jspwiki:jspwiki-main
Moderate
CVE-2019-0224
was published
for
org.apache.jspwiki:jspwiki-main
(Maven)
Apr 2, 2019
Moderate severity vulnerability that affects org.apache.tika:tika-core
Moderate
CVE-2018-11762
was published
for
org.apache.tika:tika-core
(Maven)
Oct 17, 2018
Downloads Resources over HTTP in arcanist
Moderate
CVE-2016-10683
was published
for
arcanist
(npm)
Feb 18, 2019
ProTip!
Advisories are also available from the
GraphQL API