GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,003
Maven
5,000+
npm
3,713
NuGet
661
pip
3,386
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
349 advisories
Filter by severity
Apache ActiveMQ default configuration subject to denial of service
Moderate
CVE-2012-6551
was published
for
org.apache.activemq:activemq-web-demo
(Maven)
May 17, 2022
Improper Authentication in Apache ActiveMQ
Moderate
CVE-2013-3060
was published
for
org.apache.activemq:activemq-client
(Maven)
May 17, 2022
Apache Struts XSS Vulnerability
Moderate
CVE-2016-2162
was published
for
org.apache.struts:struts2-core
(Maven)
May 17, 2022
Improper Control of Generation of Code ('Code Injection') in Spring Framework
Moderate
CVE-2010-1622
was published
for
org.springframework:spring
(Maven)
May 17, 2022
Code injection in Apache Struts
High
CVE-2013-4316
was published
for
org.apache.struts:struts2-core
(Maven)
May 17, 2022
Django settings leak in date template filter
Moderate
CVE-2015-8213
was published
for
Django
(pip)
May 17, 2022
Improper Input Validation in Apache ActiveMQ
Moderate
CVE-2015-6524
was published
for
org.apache.activemq:activemq-broker
(Maven)
May 17, 2022
Django DoS in django.views.static.serve
High
CVE-2015-0221
was published
for
Django
(pip)
May 17, 2022
Open redirect in Apache Struts
Moderate
CVE-2013-2248
was published
for
org.apache.struts:struts2-core
(Maven)
May 17, 2022
Django Vulnerable to Cache Poisoning
Critical
CVE-2014-1418
was published
for
Django
(pip)
May 17, 2022
Apache Tomcat Allows Replacing of XML Parser
Moderate
CVE-2011-2481
was published
for
org.apache.tomcat:tomcat
(Maven)
May 17, 2022
Improper Neutralization of Directives in Dynamically Evaluated Code in Spring Framework
High
CVE-2011-2730
was published
for
org.springframework:spring-core
(Maven)
May 17, 2022
Apache Struts vulnerable to possible DoS attack when using URLValidator
Moderate
CVE-2016-4465
was published
for
org.apache.struts:struts2-core
(Maven)
May 17, 2022
Apache Struts Open Redirect
High
CVE-2016-4433
was published
for
org.apache.struts.xwork:xwork-core
(Maven)
May 17, 2022
Apache Struts improper action name cleanup
Critical
CVE-2016-4436
was published
for
org.apache.struts:struts2-core
(Maven)
May 17, 2022
Denial of service in Apache Struts
Moderate
CVE-2012-4387
was published
for
org.apache.struts.xwork:xwork-core
(Maven)
May 17, 2022
Improper Neutralization of Input During Web Page Generation in Apache ActiveMQ
Moderate
CVE-2013-1879
was published
for
org.apache.activemq:activemq-client
(Maven)
May 17, 2022
Jenkins directory traversal vulnerability
Moderate
CVE-2014-2059
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 17, 2022
Jenkins cross-site scripting (XSS) vulnerability
Moderate
CVE-2014-2067
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 17, 2022
Incomplete exclude pattern in Apache Struts
High
CVE-2015-1831
was published
for
org.apache.struts.xwork:xwork-core
(Maven)
May 17, 2022
Django Vulnerable to HTTP Response Splitting Attack
High
CVE-2015-5144
was published
for
Django
(pip)
May 17, 2022
Apache Struts CSRF Vulnerability
High
CVE-2016-4430
was published
for
org.apache.struts.xwork:xwork-core
(Maven)
May 17, 2022
Denial of service in Apache Tomcat
Moderate
CVE-2014-0095
was published
for
org.apache.tomcat.embed:tomcat-embed-core
(Maven)
May 17, 2022
Race Condition in Jenkins
High
CVE-2017-1000503
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 14, 2022
Deserialization of Untrusted Data in Jenkins
Moderate
CVE-2017-1000355
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API