Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

61 advisories

Loading
Improper Input Validation in org.apache.qpid:qpid-broker Moderate
CVE-2016-3094 was published for org.apache.qpid:qpid-broker (Maven) Oct 16, 2018
org.apache.spark:spark-core_2.10 and org.apache.spark:spark-core_2.11 Improper Authentication vulnerability Moderate
CVE-2018-11770 was published for org.apache.spark:spark-core_2.10 (Maven) Nov 9, 2018
Server session is not invalidated when logout() helper method of Authentication module is used in Vaadin 18-19 Moderate
CVE-2021-31408 was published for com.vaadin:vaadin-bom (Maven) Apr 22, 2021
Server session is not invalidated when logout() helper method of Authentication module is used in Vaadin 18-19 Moderate
GHSA-6hgr-2g6q-3rmc was published for com.vaadin:flow-client (Maven) Apr 22, 2021
tdunlap607
Broken Authentication in Atlassian Connect Spring Boot Moderate
CVE-2021-26074 was published for com.atlassian.connect:atlassian-connect-spring-boot-starter (Maven) May 10, 2021
Authentication Bypass by Alternate Name in Apache Tomcat Moderate
CVE-2021-30640 was published for org.apache.tomcat:tomcat (Maven) Aug 13, 2021
Improper Authentication for Keycloak Moderate
CVE-2020-1718 was published for org.keycloak:keycloak-parent (Maven) Feb 9, 2022
Keycloak is vulnerable to IDN homograph attack Moderate
CVE-2021-3424 was published for org.keycloak:keycloak-services (Maven) Apr 28, 2022
Ignite Realtime Openfire Allows Users to Change Passwords of Arbitrary Accounts Moderate
CVE-2009-1595 was published for org.igniterealtime.openfire:parent (Maven) May 2, 2022
Improper Authentication in Apache Tomcat Moderate
CVE-2009-2901 was published for org.apache.tomcat:tomcat (Maven) May 2, 2022
MarkLee131 sunSUNQ
Improper Authentication in Apache CXF Moderate
CVE-2013-0239 was published for org.apache.cxf:cxf-rt-frontend-jaxrs (Maven) May 5, 2022
sunSUNQ
Improper Authentication in Apache Axis2 Moderate
CVE-2012-5351 was published for org.apache.axis2:axis2 (Maven) May 13, 2022
Improper Authentication in Apache WSS4J Moderate
CVE-2014-3623 was published for org.apache.ws.security:wss4j (Maven) May 13, 2022
coheigea
Improper Authentication in Apache CXF Moderate
CVE-2012-5633 was published for org.apache.cxf:cxf (Maven) May 13, 2022
sunSUNQ
Improper Authentication in Apache CXF Moderate
CVE-2012-2378 was published for org.apache.cxf:cxf (Maven) May 13, 2022
Improper Authentication in Apache Kafka Moderate
CVE-2017-12610 was published for org.apache.kafka:kafka-clients (Maven) May 13, 2022
Infinispan Rest API Does Not Enforce Auth Constraints Moderate
CVE-2017-2638 was published for org.infinispan:infinispan-server-core (Maven) May 13, 2022
Improper Authentication in Jenkins Moderate
CVE-2017-2604 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
Improper Authentication in Jenkins Blue Ocean Plugin Moderate
CVE-2017-1000110 was published for io.jenkins.blueocean:blueocean (Maven) May 13, 2022
Apache OpenMeetings may allow authenticated attacker to deny service for privileged users Moderate
CVE-2018-1286 was published for org.apache.openmeetings:openmeetings-parent (Maven) May 13, 2022
Improper Authentication in Jenkins Moderate
CVE-2018-1999045 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
Improper Authentication in Apache Tomcat Moderate
CVE-2013-2067 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
Improper Authentication in Apache Tomcat Moderate
CVE-2011-5063 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Improper Authentication in Apache Tomcat Moderate
CVE-2011-5062 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Improper Authentication in Hibernate Validator Moderate
CVE-2014-3558 was published for org.hibernate:hibernate-validator (Maven) May 14, 2022
MarkLee131
ProTip! Advisories are also available from the GraphQL API