GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
2,414 advisories
Filter by severity
Apache Ranger allows remote authenticated administrators to inject arbitrary web script or HTML
Moderate
CVE-2016-5395
was published
for
org.apache.ranger:ranger
(Maven)
Oct 17, 2018
Apache Tomcat Race Condition vulnerability
Moderate
CVE-2018-8037
was published
for
org.apache.tomcat.embed:tomcat-embed-core
(Maven)
Oct 17, 2018
Apache Tomcat information exposure vulnerability
Moderate
CVE-2018-1305
was published
for
org.apache.tomcat.embed:tomcat-embed-core
(Maven)
Oct 17, 2018
Apache Tomcat unauthorized access vulnerability
Moderate
CVE-2018-1304
was published
for
org.apache.tomcat.embed:tomcat-embed-core
(Maven)
Oct 17, 2018
Apache Tomcat Open Redirect vulnerability
Moderate
CVE-2018-11784
was published
for
org.apache.tomcat.embed:tomcat-embed-core
(Maven)
Oct 17, 2018
Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15
Moderate
CVE-2015-7940
was published
for
org.bouncycastle:bcprov-jdk14
(Maven)
Oct 17, 2018
Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15
Moderate
CVE-2016-1000341
was published
for
org.bouncycastle:bcprov-jdk14
(Maven)
Oct 17, 2018
Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15
Moderate
CVE-2016-1000339
was published
for
org.bouncycastle:bcprov-jdk14
(Maven)
Oct 17, 2018
Moderate severity vulnerability that affects io.vertx:vertx-core
Moderate
CVE-2018-12544
was published
for
io.vertx:vertx-core
(Maven)
Oct 17, 2018
Excessive memory allocation
Moderate
CVE-2018-12541
was published
for
io.vertx:vertx-core
(Maven)
Oct 17, 2018
Moderate severity vulnerability that affects org.apache.tika:tika-core
Moderate
CVE-2018-1338
was published
for
org.apache.tika:tika-core
(Maven)
Oct 17, 2018
Comparison errorr in org.apache.tika:tika-core
Moderate
CVE-2018-8017
was published
for
org.apache.tika:tika-core
(Maven)
Oct 17, 2018
Moderate severity vulnerability that affects org.apache.tika:tika-core
Moderate
CVE-2018-11762
was published
for
org.apache.tika:tika-core
(Maven)
Oct 17, 2018
Apache Tika Server exposes sensitive information
Moderate
CVE-2015-3271
was published
for
org.apache.tika:tika-server
(Maven)
Oct 17, 2018
org.apache.tika:tika-parsers has an Infinite Loop vulnerability
Moderate
CVE-2018-1339
was published
for
org.apache.tika:tika-parsers
(Maven)
Oct 17, 2018
Denial of service vulnerability in org.apache.httpcomponents:httpclient
Moderate
CVE-2015-5262
was published
for
org.apache.httpcomponents:httpclient
(Maven)
Oct 17, 2018
Improper Verification of Cryptographic Signature in org.apache.httpcomponents:httpclient
Moderate
CVE-2014-3577
was published
for
org.apache.httpcomponents:httpclient
(Maven)
Oct 17, 2018
Moderate severity vulnerability that affects org.restlet.jse:org.restlet
Moderate
CVE-2014-1868
was published
for
org.restlet.jse:org.restlet
(Maven)
Oct 17, 2018
Junrar vulnerable to Infinite Loop
Moderate
CVE-2018-12418
was published
for
com.github.junrar:junrar
(Maven)
Oct 17, 2018
Apache Camel allows remote actor to read arbitrary files via external entity in invalid XML string or GenericFile object
Moderate
CVE-2015-0264
was published
for
org.apache.camel:camel-core
(Maven)
Oct 16, 2018
Apache Camel XML External Entity vulnerability
Moderate
CVE-2015-0263
was published
for
org.apache.camel:camel-core
(Maven)
Oct 16, 2018
Apache Camel's Mail is vulnerable to path traversal
Moderate
CVE-2018-8041
was published
for
org.apache.camel:camel-mail
(Maven)
Oct 16, 2018
Moderate severity vulnerability that affects org.apache.ignite:ignite-core
Moderate
CVE-2016-6805
was published
for
org.apache.ignite:ignite-core
(Maven)
Oct 16, 2018
Moderate severity vulnerability that affects apache axis
Moderate
CVE-2018-8032
was published
for
axis:axis
(Maven)
Oct 16, 2018
Improper Validation of Certificates in apache axis
Moderate
CVE-2014-3596
was published
for
axis:axis
(Maven)
Oct 16, 2018
ProTip!
Advisories are also available from the
GraphQL API