Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,090
Erlang
29
GitHub Actions
19
Go
1,916
Maven
5,000+
npm
3,648
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+

61 advisories

Loading
Improper Input Validation in org.apache.qpid:qpid-broker Moderate
CVE-2016-3094 was published for org.apache.qpid:qpid-broker (Maven) Oct 16, 2018
org.apache.spark:spark-core_2.10 and org.apache.spark:spark-core_2.11 Improper Authentication vulnerability Moderate
CVE-2018-11770 was published for org.apache.spark:spark-core_2.10 (Maven) Nov 9, 2018
Server session is not invalidated when logout() helper method of Authentication module is used in Vaadin 18-19 Moderate
CVE-2021-31408 was published for com.vaadin:vaadin-bom (Maven) Apr 22, 2021
Server session is not invalidated when logout() helper method of Authentication module is used in Vaadin 18-19 Moderate
GHSA-6hgr-2g6q-3rmc was published for com.vaadin:flow-client (Maven) Apr 22, 2021
tdunlap607
Broken Authentication in Atlassian Connect Spring Boot Moderate
CVE-2021-26074 was published for com.atlassian.connect:atlassian-connect-spring-boot-starter (Maven) May 10, 2021
Authentication Bypass by Alternate Name in Apache Tomcat Moderate
CVE-2021-30640 was published for org.apache.tomcat:tomcat (Maven) Aug 13, 2021
Improper Authentication for Keycloak Moderate
CVE-2020-1718 was published for org.keycloak:keycloak-parent (Maven) Feb 9, 2022
Keycloak is vulnerable to IDN homograph attack Moderate
CVE-2021-3424 was published for org.keycloak:keycloak-services (Maven) Apr 28, 2022
Ignite Realtime Openfire Allows Users to Change Passwords of Arbitrary Accounts Moderate
CVE-2009-1595 was published for org.igniterealtime.openfire:parent (Maven) May 2, 2022
Improper Authentication in Apache Tomcat Moderate
CVE-2009-2901 was published for org.apache.tomcat:tomcat (Maven) May 2, 2022
MarkLee131 sunSUNQ
Improper Authentication in Apache CXF Moderate
CVE-2013-0239 was published for org.apache.cxf:cxf-rt-frontend-jaxrs (Maven) May 5, 2022
sunSUNQ
Improper Authentication in Apache Axis2 Moderate
CVE-2012-5351 was published for org.apache.axis2:axis2 (Maven) May 13, 2022
Improper Authentication in Apache WSS4J Moderate
CVE-2014-3623 was published for org.apache.ws.security:wss4j (Maven) May 13, 2022
coheigea
Improper Authentication in Apache CXF Moderate
CVE-2012-5633 was published for org.apache.cxf:cxf (Maven) May 13, 2022
sunSUNQ
Improper Authentication in Apache CXF Moderate
CVE-2012-2378 was published for org.apache.cxf:cxf (Maven) May 13, 2022
Improper Authentication in Apache Kafka Moderate
CVE-2017-12610 was published for org.apache.kafka:kafka-clients (Maven) May 13, 2022
Infinispan Rest API Does Not Enforce Auth Constraints Moderate
CVE-2017-2638 was published for org.infinispan:infinispan-server-core (Maven) May 13, 2022
Improper Authentication in Jenkins Moderate
CVE-2017-2604 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
Improper Authentication in Jenkins Blue Ocean Plugin Moderate
CVE-2017-1000110 was published for io.jenkins.blueocean:blueocean (Maven) May 13, 2022
Apache OpenMeetings may allow authenticated attacker to deny service for privileged users Moderate
CVE-2018-1286 was published for org.apache.openmeetings:openmeetings-parent (Maven) May 13, 2022
Improper Authentication in Jenkins Moderate
CVE-2018-1999045 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
Improper Authentication in Apache Tomcat Moderate
CVE-2013-2067 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
Improper Authentication in Apache Tomcat Moderate
CVE-2011-5062 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Improper Authentication in Apache Tomcat Moderate
CVE-2011-5063 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Improper Authentication in Hibernate Validator Moderate
CVE-2014-3558 was published for org.hibernate:hibernate-validator (Maven) May 14, 2022
MarkLee131
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database