GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
155 advisories
Improper Authentication in Apache ActiveMQ
Moderate
CVE-2013-3060
was published
for
org.apache.activemq:activemq-client
(Maven)
May 17, 2022
Apache Struts XSS Vulnerability
Moderate
CVE-2016-2162
was published
for
org.apache.struts:struts2-core
(Maven)
May 17, 2022
Improper Control of Generation of Code ('Code Injection') in Spring Framework
Moderate
CVE-2010-1622
was published
for
org.springframework:spring
(Maven)
May 17, 2022
Django settings leak in date template filter
Moderate
CVE-2015-8213
was published
for
Django
(pip)
May 17, 2022
Improper Input Validation in Apache ActiveMQ
Moderate
CVE-2015-6524
was published
for
org.apache.activemq:activemq-broker
(Maven)
May 17, 2022
Open redirect in Apache Struts
Moderate
CVE-2013-2248
was published
for
org.apache.struts:struts2-core
(Maven)
May 17, 2022
Apache Tomcat Allows Replacing of XML Parser
Moderate
CVE-2011-2481
was published
for
org.apache.tomcat:tomcat
(Maven)
May 17, 2022
Apache Struts vulnerable to possible DoS attack when using URLValidator
Moderate
CVE-2016-4465
was published
for
org.apache.struts:struts2-core
(Maven)
May 17, 2022
Denial of service in Apache Struts
Moderate
CVE-2012-4387
was published
for
org.apache.struts.xwork:xwork-core
(Maven)
May 17, 2022
Improper Neutralization of Input During Web Page Generation in Apache ActiveMQ
Moderate
CVE-2013-1879
was published
for
org.apache.activemq:activemq-client
(Maven)
May 17, 2022
Jenkins directory traversal vulnerability
Moderate
CVE-2014-2059
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 17, 2022
Jenkins cross-site scripting (XSS) vulnerability
Moderate
CVE-2014-2067
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 17, 2022
Denial of service in Apache Tomcat
Moderate
CVE-2014-0095
was published
for
org.apache.tomcat.embed:tomcat-embed-core
(Maven)
May 17, 2022
Deserialization of Untrusted Data in Jenkins
Moderate
CVE-2017-1000355
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 14, 2022
Apache Struts vulnerable to possible DoS attack when using URLValidator
Moderate
CVE-2016-8738
was published
for
org.apache.struts:struts2-core
(Maven)
May 14, 2022
Cloud Foundry UAA open redirect
Moderate
CVE-2018-11041
was published
for
org.cloudfoundry.identity:cloudfoundry-identity-server
(Maven)
May 14, 2022
Apache Tomcat allows remote attackers to bypass intended access restrictions
Moderate
CVE-2011-1088
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Access controll bypass in Apache Tomcat
Moderate
CVE-2011-1183
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Access restriction bypass in Apache Tomcat
Moderate
CVE-2011-1582
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Spring Framework and Spring Security vulnerable to Deserialization of Untrusted Data
Moderate
CVE-2011-2894
was published
for
org.springframework.security:spring-security-core
(Maven)
May 14, 2022
Cross-Site Request Forgery in Apache Struts
Moderate
CVE-2014-7809
was published
for
org.apache.struts:struts2-core
(Maven)
May 14, 2022
Apache ActiveMQ Sensitive Information Disclosure via the Jetty ResourceHandler
Moderate
CVE-2010-1587
was published
for
org.apache.activemq:activemq-web-console
(Maven)
May 14, 2022
Improper Neutralization of Input During Web Page Generation in Apache Tomcat
Moderate
CVE-2010-4172
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Apache Tomcat affected by infinite loop in Double.parseDouble method in Java Runtime Environment
Moderate
CVE-2010-4476
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Cross-site Scripting in Apache Struts
Moderate
CVE-2016-4003
was published
for
org.apache.struts:struts2-core
(Maven)
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API