Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,780
Erlang
36
GitHub Actions
29
Go
2,343
Maven
5,000+
npm
3,973
NuGet
719
pip
3,770
Pub
12
RubyGems
923
Rust
978
Swift
38
Unreviewed advisories
All unreviewed
5,000+

191 advisories

Loading
Uncontrolled Resource Consumption in WildFly Moderate
CVE-2020-25689 was published for org.wildfly:wildfly-dist (Maven) May 24, 2022
Wildfly EJB Client causes DoS Moderate
CVE-2020-14297 was published for org.jboss:jboss-ejb-client (Maven) May 24, 2022
Undertow vulnerable to Uncontrolled Resource Consumption High
CVE-2019-14888 was published for io.undertow:undertow-core (Maven) May 24, 2022
Inefficient Regular Expression Complexity in Jenkins Build Failure Analyzer Plugin Moderate
CVE-2019-16555 was published for com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer (Maven) May 24, 2022
Apache Sling POST Servlets Denial of Service Vulnerability Moderate
CVE-2012-2138 was published for org.apache.sling:org.apache.sling.servlets.post (Maven) May 17, 2022
Rack Gem Subject to Denial of Service via Hash Collisions Moderate
CVE-2011-5036 was published for org.jruby:jruby-parent (RubyGems) May 17, 2022
Ignite Realtime Openfire vulnerable to XMPPbomb attack High
CVE-2014-2741 was published for org.igniterealtime.openfire:parent (Maven) May 17, 2022
JRuby denial of service via Hash Collision Moderate
CVE-2012-5370 was published for org.jruby:jruby-parent (Maven) May 17, 2022
Apache ActiveMQ default configuration subject to denial of service Moderate
CVE-2012-6551 was published for org.apache.activemq:activemq-web-demo (Maven) May 17, 2022
sunSUNQ
Ruby vulnerable to denial of service Moderate
CVE-2013-1821 was published for org.jruby:jruby (Maven) May 17, 2022
ws-xmlrpc DoS Vulnerability Moderate
CVE-2016-5004 was published for org.apache.xmlrpc:xmlrpc-common (Maven) May 17, 2022
Apache Tika vulnerable to uncontrolled memory consumption Moderate
CVE-2022-25169 was published for org.apache.tika:tika (Maven) May 17, 2022
Apache Tomcat Denial of Service vulnerability Moderate
CVE-2013-4322 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Integer Overflow or Wraparound in Apache Tomcat Moderate
CVE-2014-0075 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Uncontrolled Resource Consumption in Apache Tomcat High
CVE-2014-0230 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Apache OpenMeetings vulnerable to Uncontrolled Resource Consumption High
CVE-2017-7684 was published for org.apache.openmeetings:openmeetings-parent (Maven) May 13, 2022
JBossWS vulnerable to uncontrolled recursion Low
CVE-2011-1483 was published for org.jboss.ws:jbossws-common (Maven) May 13, 2022
Red Hat Wildfly DoS High
CVE-2016-9589 was published for org.wildfly:wildfly-undertow (Maven) May 13, 2022
Uncontrolled Resource Consumption in Undertow Moderate
CVE-2018-1114 was published for io.undertow:undertow-core (Maven) May 13, 2022
Command Injection in VIVO Vitro High
CVE-2019-6986 was published for org.vivoweb:vitro-project (Maven) May 13, 2022
Uncontrolled Resource Consumption in Artemis and HornetQ High
CVE-2017-12174 was published for org.apache.activemq:artemis-native (Maven) May 13, 2022
Uncontrolled Resource Consumption in Apache CXF Moderate
CVE-2014-0109 was published for org.apache.cxf:cxf-core (Maven) May 13, 2022
sunSUNQ
Uncontrolled Resource Consumption in Apache CXF Moderate
CVE-2014-0110 was published for org.apache.cxf:cxf-core (Maven) May 13, 2022
sunSUNQ
Uncontrolled Resource Consumption in Apache ZooKeeper High
CVE-2017-5637 was published for org.apache.zookeeper:zookeeper (Maven) May 13, 2022
Apache Geronimo Hash Collisions Cause DoS High
CVE-2011-5034 was published for org.apache.geronimo:geronimo (Maven) May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database