Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,435 advisories

Loading
Moderate severity vulnerability that affects org.apache.cxf.fediz:fediz-jetty8, org.apache.cxf.fediz:fediz-jetty9, and org.apache.cxf.fediz:fediz-spring2 Moderate
CVE-2017-7661 was published for org.apache.cxf.fediz:fediz-jetty8 (Maven) Oct 18, 2018
Moderate severity vulnerability that affects org.keycloak:keycloak-core Moderate
CVE-2017-12161 was published for org.keycloak:keycloak-core (Maven) Oct 18, 2018
Moderate severity vulnerability that affects org.keycloak:keycloak-core Moderate
CVE-2018-10912 was published for org.keycloak:keycloak-core (Maven) Oct 18, 2018
keycloak-core discloses system properties Moderate
CVE-2017-2582 was published for org.keycloak:keycloak-core (Maven) Oct 18, 2018
Moderate severity vulnerability that affects org.keycloak:keycloak-core Moderate
CVE-2017-1000500 was published for org.keycloak:keycloak-core (Maven) Oct 18, 2018 withdrawn
Moderate severity vulnerability that affects org.keycloak:keycloak-core Moderate
CVE-2016-8629 was published for org.keycloak:keycloak-core (Maven) Oct 18, 2018
keycloak-core vulnerable to timing attacks against JWS token verification Moderate
CVE-2017-2585 was published for org.keycloak:keycloak-core (Maven) Oct 18, 2018
Pivotal Spring Framework DoS Attack with XML Input Moderate
CVE-2015-3192 was published for org.springframework:spring-web (Maven) Oct 17, 2018
sunSUNQ
Moderate severity vulnerability that affects org.springframework:spring-core Moderate
CVE-2015-0201 was published for org.springframework:spring-core (Maven) Oct 17, 2018
sunSUNQ
Path Traversal in org.springframework:spring-core Moderate
CVE-2018-1271 was published for org.springframework:spring-core (Maven) Oct 17, 2018
sunSUNQ MarkLee131
Denial of Service in org.springframework:spring-core Moderate
CVE-2018-1257 was published for org.springframework:spring-core (Maven) Oct 17, 2018
sunSUNQ MarkLee131
Improper Input Validation in org.springframework.security:spring-security-core, org.springframework.security:spring-security-core , and org.springframework:spring-core Moderate
CVE-2018-1199 was published for org.springframework.security:spring-security-core (Maven) Oct 17, 2018
sunSUNQ
There is a XML external entity expansion (XXE) vulnerability in Apache Solr config files Moderate
CVE-2018-8010 was published for org.apache.solr:solr-core (Maven) Oct 17, 2018
MarkLee131
XML external entity expansion in org.apache.solr:solr-core Moderate
CVE-2018-8026 was published for org.apache.solr:solr-core (Maven) Oct 17, 2018
MarkLee131
Moderate severity vulnerability that affects org.apache.mesos:mesos Moderate
CVE-2018-8023 was published for org.apache.mesos:mesos (Maven) Oct 17, 2018
Moderate severity vulnerability that affects org.apache.storm:storm-core Moderate
CVE-2018-1332 was published for org.apache.storm:storm-core (Maven) Oct 17, 2018
In Apache PDFBox a carefully crafted PDF file can trigger an extremely long running computation Moderate
CVE-2018-11797 was published for org.apache.pdfbox:pdfbox (Maven) Oct 17, 2018
Moderate severity vulnerability that affects org.apache.ranger:ranger Moderate
CVE-2017-7677 was published for org.apache.ranger:ranger (Maven) Oct 17, 2018
Apache Ranger policy engine incorrectly matches paths in certain conditions Moderate
CVE-2016-8746 was published for org.apache.ranger:ranger-plugins-common (Maven) Oct 17, 2018
Apache Ranger admin users can store some arbitrary javascript code to be executed when normal users login and access policies Moderate
CVE-2016-8751 was published for org.apache.ranger:ranger (Maven) Oct 17, 2018
Moderate severity vulnerability that affects org.apache.ranger:ranger Moderate
CVE-2016-6815 was published for org.apache.ranger:ranger (Maven) Oct 17, 2018
Apache Ranger allows remote authenticated administrators to inject arbitrary web script or HTML Moderate
CVE-2016-5395 was published for org.apache.ranger:ranger (Maven) Oct 17, 2018
Apache Tomcat Race Condition vulnerability Moderate
CVE-2018-8037 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Oct 17, 2018
sunSUNQ
Apache Tomcat information exposure vulnerability Moderate
CVE-2018-1305 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Oct 17, 2018
sunSUNQ
Apache Tomcat unauthorized access vulnerability Moderate
CVE-2018-1304 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Oct 17, 2018
sunSUNQ
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database