Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

50 advisories

Loading
Cross-site Scripting in OpenCRX Moderate
CVE-2023-40813 was published for org.opencrx:opencrx-core-models (Maven) Nov 18, 2023
MarkLee131
Exposure of Sensitive Information to an Unauthorized Actor in Apache HttpClient Moderate
CVE-2011-1498 was published for org.apache.httpcomponents:httpclient (Maven) May 17, 2022
MarkLee131
Improper Neutralization of Input During Web Page Generation in JavaMelody Moderate
CVE-2013-4378 was published for net.bull.javamelody:javamelody-core (Maven) May 17, 2022
MarkLee131
XML Injection in Apache Solr Moderate
CVE-2013-6408 was published for org.apache.solr:solr-core (Maven) May 17, 2022
MarkLee131
Apache Solr UpdateRequestHandler for XML resolves XML External Entities Moderate
CVE-2013-6407 was published for org.apache.solr:solr-core (Maven) May 17, 2022
MarkLee131
Improper Limitation of a Pathname to a Restricted Directory in Apache Solr Moderate
CVE-2013-6397 was published for org.apache.solr:solr-core (Maven) May 17, 2022
MarkLee131
Cross-site Scripting in Apache ActiveMQ Moderate
CVE-2012-6092 was published for org.apache.activemq:activemq-core (Maven) May 17, 2022
MarkLee131
Improper Restriction of XML External Entity Reference in Apache POI Moderate
CVE-2014-3529 was published for org.apache.poi:poi (Maven) May 17, 2022
MarkLee131
Improper Input Validation in Apache POI Moderate
CVE-2014-3574 was published for org.apache.poi:poi (Maven) May 17, 2022
MarkLee131
Improper Input Validation in Apache Jackrabbit Moderate
CVE-2015-1833 was published for org.apache.jackrabbit:jackrabbit-core (Maven) May 14, 2022
MarkLee131
Improper Neutralization of Input During Web Page Generation in Apache Tomcat Moderate
CVE-2010-4172 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ MarkLee131
Exposure of Sensitive Information to an Unauthorized Actor in SonarSource SonarQube API Moderate
CVE-2018-19413 was published for org.sonarsource.sonarqube:sonar-plugin-api (Maven) May 14, 2022
MarkLee131
Missing Cryptographic Step in OWASP Enterprise Security API for Java Moderate
CVE-2013-5960 was published for org.owasp.esapi:esapi (Maven) May 14, 2022
MarkLee131
Improper Authentication in Hibernate Validator Moderate
CVE-2014-3558 was published for org.hibernate:hibernate-validator (Maven) May 14, 2022
MarkLee131
Directory Traversal in Apache Tomcat Moderate
CVE-2008-5515 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
MarkLee131 sunSUNQ
Improper Input Validation in Apache Tomcat Moderate
CVE-2014-0227 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
MarkLee131
Apache XML Security For Java vulnerable to Infinite Loop Moderate
CVE-2013-5823 was published for org.apache.santuario:xmlsec (Maven) May 14, 2022
MarkLee131
Netty denial of service vulnerability Moderate
CVE-2014-0193 was published for io.netty:netty (Maven) May 13, 2022
MarkLee131
Insufficient Verification of Data Authenticity in Async Http Client Moderate
CVE-2013-7398 was published for com.ning:async-http-client (Maven) May 13, 2022
MarkLee131
Insufficient Verification of Data Authenticity in Async Http Client Moderate
CVE-2013-7397 was published for com.ning:async-http-client (Maven) May 13, 2022
MarkLee131
Uncontrolled Resource Consumption in Apache Commons Compress Moderate
CVE-2012-2098 was published for org.apache.commons:commons-compress (Maven) May 13, 2022
MarkLee131
spring-integration-zip Arbitrary File Write Moderate
CVE-2018-1263 was published for org.springframework.integration:spring-integration-zip (Maven) May 13, 2022
MarkLee131
Inefficient Algorithmic Complexity in Apache Santuario XML Security Moderate
CVE-2013-2172 was published for org.apache.santuario:xmlsec (Maven) May 13, 2022
MarkLee131
Improper Input Validation in Apache Santuario XML Security Moderate
CVE-2013-4517 was published for org.apache.santuario:xmlsec (Maven) May 13, 2022
MarkLee131
Improper Input Validation in Apache Santuario XML Security Moderate
CVE-2014-8152 was published for org.apache.santuario:xmlsec (Maven) May 13, 2022
MarkLee131
ProTip! Advisories are also available from the GraphQL API