Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,822
Erlang
36
GitHub Actions
32
Go
2,413
Maven
5,000+
npm
4,052
NuGet
723
pip
3,844
Pub
12
RubyGems
933
Rust
1,005
Swift
38
Unreviewed advisories
All unreviewed
5,000+

87 advisories

Loading
Apache Struts2 Broken Access Control Vulnerability Moderate
CVE-2013-4310 was published for org.apache.struts:struts2-core (Maven) May 17, 2022
sunSUNQ
Jenkins Monitoring Plugin Reveals Sensitive Information via Unspecified Pages Moderate
CVE-2014-3679 was published for org.jvnet.hudson.plugins:monitoring (Maven) May 17, 2022
Jenkins Exclusion Plugin allows Access to Resource Locks Moderate
CVE-2013-6373 was published for org.jenkins-ci.plugins:exclusion (Maven) May 17, 2022
Improper Access Control in Apache Hadoop High
CVE-2016-5393 was published for org.apache.hadoop:hadoop-common (Maven) May 17, 2022
Elasticsearch Improper Access Control vulnerability Moderate
CVE-2014-3120 was published for org.elasticsearch:elasticsearch (Maven) May 17, 2022
Apache Ambari Improper Access Control Critical
CVE-2016-6807 was published for org.apache.ambari:ambari (Maven) May 17, 2022
Apache Tomcat does not follow ServletSecurity annotations Moderate
CVE-2011-1419 was published for org.apache.tomcat:tomcat (Maven) May 17, 2022
Path Traversal in Apache Atlas High
CVE-2016-8752 was published for org.apache.atlas:atlas-common (Maven) May 17, 2022
Improper Access Control in Apache Tomcat Moderate
CVE-2012-5885 was published for org.apache.tomcat:tomcat (Maven) May 17, 2022
Improper Access Control in Apache Derby High
CVE-2010-2232 was published for org.apache.derby:derby (Maven) May 17, 2022
Improper Access Control in MySQL Connectors Java Moderate
CVE-2015-2575 was published for mysql:mysql-connector-java (Maven) May 17, 2022
Improper Access Control in Apache WSS4J Moderate
CVE-2015-0227 was published for org.apache.ws.security:wss4j (Maven) May 14, 2022
Improper Access Control in Elasticsearch High
CVE-2015-1427 was published for org.elasticsearch:elasticsearch (Maven) May 14, 2022
Improper Access Control in Elasticsearch High
CVE-2015-4165 was published for org.elasticsearch:elasticsearch (Maven) May 14, 2022
Improper Access Control in Apache Shiro Critical
CVE-2016-4437 was published for org.apache.shiro:shiro-core (Maven) May 14, 2022
Improper Access Control in Apache Shiro High
CVE-2016-6802 was published for org.apache.shiro:shiro-all (Maven) May 14, 2022
Improper Access Control in Apache Tomcat High
CVE-2016-0714 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Improper Access Control in Apache Tomcat Moderate
CVE-2014-7810 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
Improper Access Control in MySQL Connectors Java High
CVE-2017-3523 was published for mysql:mysql-connector-java (Maven) May 13, 2022
Jenkins allows Bypass of Access Restrictions Moderate
CVE-2015-5325 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
Improper Access Control in Apache Tomcat High
CVE-2016-5388 was published for org.apache.tomcat:tomcat-catalina (Maven) May 13, 2022
sunSUNQ
Apache Tomcat Improper Access Control vulnerability Critical
CVE-2016-8735 was published for org.apache.tomcat:tomcat-catalina (Maven) May 13, 2022
sunSUNQ westonsteimel
liususan091219
Improper Access Control in Elasticsearch High
CVE-2019-7611 was published for org.elasticsearch:elasticsearch (Maven) May 13, 2022
Improper Access Control in Apache CXF Moderate
CVE-2015-5253 was published for org.apache.cxf:cxf-rt-rs-security-sso-saml (Maven) May 13, 2022
sunSUNQ
Improper Access Control in SLF4J Critical
CVE-2018-8088 was published for org.slf4j:slf4j-ext (Maven) May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database