GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,249
Erlang
31
GitHub Actions
21
Go
2,018
Maven
5,000+
npm
3,723
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
857
Swift
36
Unreviewed advisories
All unreviewed
5,000+
16 advisories
Filter by severity
Apache InLong vulnerable to Incorrect Permission Assignment for Critical Resource
High
CVE-2023-31454
was published
for
org.apache.inlong:manager-service
(Maven)
Jul 6, 2023
Apache InLong Incorrect Permission Assignment for Critical Resource Vulnerability
High
CVE-2023-31453
was published
for
org.apache.inlong:manager-service
(Maven)
Jul 6, 2023
Apache Tomcat vulnerable to information leak
High
CVE-2023-34981
was published
for
org.apache.tomcat.embed:tomcat-embed-core
(Maven)
Jun 21, 2023
Insecure Temporary File in HuTool
High
CVE-2023-33695
was published
for
cn.hutool:hutool-core
(Maven)
Jun 13, 2023
Jenkins File Parameter Plugin arbitrary file write vulnerability
High
CVE-2023-32986
was published
for
io.jenkins.plugins:file-parameters
(Maven)
May 16, 2023
Jenkins SAML Single Sign On(SSO) Plugin missing permission checks
High
CVE-2023-32992
was published
for
io.jenkins.plugins:miniorange-saml-sp
(Maven)
May 16, 2023
Apache Ranger Hive Plugin missing permissions check
High
CVE-2021-40331
was published
for
org.apache.ranger:ranger-hive-plugin
(Maven)
May 5, 2023
Insecure Permissions issue in jeecg-boot
High
CVE-2021-37305
was published
for
org.jeecgframework.boot:jeecg-boot-base
(Maven)
Feb 3, 2023
Insecure Permissions issue in jeecg-boot
High
CVE-2021-37304
was published
for
org.jeecgframework.boot:jeecg-boot-base
(Maven)
Feb 3, 2023
Insecure Permissions issue in jeecg-boot
High
CVE-2021-37306
was published
for
org.jeecgframework.boot:jeecg-boot-base
(Maven)
Feb 3, 2023
Apache ShenYu Admin has insecure permissions
High
CVE-2022-37435
was published
for
org.apache.shenyu:shenyu-common
(Maven)
Sep 2, 2022
Arbitrary code execution vulnerability in Jenkins Speaks! Plugin
High
CVE-2017-1000403
was published
for
org.jvnet.hudson.plugins:speaks
(Maven)
May 13, 2022
Arbitrary code execution due to incomplete sandbox protection in Jenkins Pipeline
High
CVE-2017-1000096
was published
for
org.jenkins-ci.plugins.workflow:workflow-cps
(Maven)
May 13, 2022
Improper privilege handling in Apache Accumulo
High
CVE-2020-17533
was published
for
org.apache.accumulo:accumulo-master
(Maven)
Feb 9, 2022
Code injection in Apache Druid
High
CVE-2021-25646
was published
for
org.apache.druid:druid
(Maven)
Jun 16, 2021
High severity vulnerability that affects org.scala-lang:scala-compiler
High
CVE-2017-15288
was published
for
org.scala-lang:scala-compiler
(Maven)
Oct 19, 2018
ProTip!
Advisories are also available from the
GraphQL API