GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,644
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
8,922 advisories
Filter by severity
Apache ActiveMQ web console vulnerable to Cross-site Scripting
Moderate
CVE-2018-8006
was published
for
org.apache.activemq:activemq-web-console
(Maven)
Oct 30, 2018
No Charset in Content-Type Header in express
Moderate
CVE-2014-6393
was published
for
express
(npm)
Oct 23, 2018
Cross-Site Scripting in handlebars
Moderate
CVE-2015-8861
was published
for
handlebars
(npm)
Oct 23, 2018
Moderate severity vulnerability that affects io.vertx:vertx-core
Moderate
CVE-2018-12537
was published
for
io.vertx:vertx-core
(Maven)
Oct 19, 2018
Moderate severity vulnerability that affects com.sparkjava:spark-core
Moderate
CVE-2018-9159
was published
for
com.sparkjava:spark-core
(Maven)
Oct 19, 2018
Improper Input Validation in org.wildfly:wildfly-undertow
Moderate
CVE-2018-1047
was published
for
org.wildfly:wildfly-undertow
(Maven)
Oct 19, 2018
Undertow-core vulnerable to HTTP Request Smuggling
Moderate
CVE-2017-2666
was published
for
io.undertow:undertow-core
(Maven)
Oct 19, 2018
Moderate severity vulnerability that affects io.undertow:undertow-core
Moderate
CVE-2017-2670
was published
for
io.undertow:undertow-core
(Maven)
Oct 19, 2018
Moderate severity vulnerability that affects org.postgresql:pgjdbc-aggregate
Moderate
CVE-2018-10936
was published
for
org.postgresql:pgjdbc-aggregate
(Maven)
Oct 19, 2018
Moderate severity vulnerability that affects org.grails.plugins:fields and org.grails:grails-core
Moderate
CVE-2018-1000529
was published
for
org.grails.plugins:fields
(Maven)
Oct 19, 2018
Moderate severity vulnerability that affects org.apache.qpid:apache-qpid-broker-j
Moderate
CVE-2018-1298
was published
for
org.apache.qpid:apache-qpid-broker-j
(Maven)
Oct 19, 2018
Moderate severity vulnerability that affects org.apache.commons:commons-compress
Moderate
CVE-2018-11771
was published
for
org.apache.commons:commons-compress
(Maven)
Oct 19, 2018
Eclipse Jetty Server generates error message containing sensitive information
Moderate
CVE-2018-12536
was published
for
org.eclipse.jetty:jetty-server
(Maven)
Oct 19, 2018
Moderate severity vulnerability that affects com.rabbitmq:amqp-client and org.springframework.amqp:spring-amqp
Moderate
CVE-2018-11087
was published
for
com.rabbitmq:amqp-client
(Maven)
Oct 18, 2018
Moderate severity vulnerability that affects org.springframework.boot:spring-boot
Moderate
CVE-2018-1196
was published
for
org.springframework.boot:spring-boot
(Maven)
Oct 18, 2018
Path traversal in org.springframework.integration:spring-integration-zip
Moderate
CVE-2018-1261
was published
for
org.springframework.integration:spring-integration-zip
(Maven)
Oct 18, 2018
Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15
Moderate
CVE-2016-1000345
was published
for
org.bouncycastle:bcprov-jdk14
(Maven)
Oct 18, 2018
OrientDB Studio web management interface is vulnerable to clickjacking attacks
Moderate
CVE-2015-2918
was published
for
com.orientechnologies:orientdb-studio
(Maven)
Oct 18, 2018
OrientDB Server Community Edition uses insufficiently random values to generate session IDs
Moderate
CVE-2015-2913
was published
for
com.orientechnologies:orientdb-server
(Maven)
Oct 18, 2018
Moderate severity vulnerability that affects org.owasp.antisamy:antisamy
Moderate
CVE-2018-1000643
was published
for
org.owasp.antisamy:antisamy
(Maven)
Oct 18, 2018
•
withdrawn
OWASP AntiSamy Cross-site Scripting vulnerability
Moderate
CVE-2017-14735
was published
for
org.owasp.antisamy:antisamy
(Maven)
Oct 18, 2018
Moderate severity vulnerability that affects org.owasp.antisamy:antisamy
Moderate
CVE-2016-10006
was published
for
org.owasp.antisamy:antisamy
(Maven)
Oct 18, 2018
Moderate severity vulnerability that affects org.apache.cxf.fediz:fediz-spring, org.apache.cxf.fediz:fediz-spring2, and org.apache.cxf.fediz:fediz-spring3
Moderate
CVE-2017-12631
was published
for
org.apache.cxf.fediz:fediz-spring
(Maven)
Oct 18, 2018
Moderate severity vulnerability that affects org.apache.cxf.fediz:fediz-jetty8, org.apache.cxf.fediz:fediz-jetty9, and org.apache.cxf.fediz:fediz-spring2
Moderate
CVE-2017-7661
was published
for
org.apache.cxf.fediz:fediz-jetty8
(Maven)
Oct 18, 2018
Moderate severity vulnerability that affects org.keycloak:keycloak-core
Moderate
CVE-2017-12161
was published
for
org.keycloak:keycloak-core
(Maven)
Oct 18, 2018
ProTip!
Advisories are also available from the
GraphQL API