GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
161 advisories
Filter by severity
Apache Tomcat affected by infinite loop in Double.parseDouble method in Java Runtime Environment
Moderate
CVE-2010-4476
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Cross-site Scripting in Apache Struts
Moderate
CVE-2016-4003
was published
for
org.apache.struts:struts2-core
(Maven)
May 14, 2022
Cloud Foundry vulnerable to Improper Certificate Validation
Moderate
CVE-2016-5016
was published
for
org.cloudfoundry.identity:cloudfoundry-identity-server
(Maven)
May 14, 2022
Improper Verification of Source of a Communication Channel in Apache Tomcat
Moderate
CVE-2016-0763
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Directory Traversal in Apache Tomcat
Moderate
CVE-2008-5515
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Improper Authentication in Apache Tomcat
Moderate
CVE-2011-5063
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Apache Tomcat does not properly handle an invalid Transfer-Encoding header
Moderate
CVE-2010-2227
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Insertion of Sensitive Information into Log File in Apache Tomcat
Moderate
CVE-2011-2204
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Improper Authentication in Apache Tomcat
Moderate
CVE-2011-5062
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Improper Input Validation in Apache Tomcat
Moderate
CVE-2011-2526
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Authentication Bypass in Apache Tomcat
Moderate
CVE-2011-1184
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Improper Neutralization of Input During Web Page Generation in Spring Framework
Moderate
CVE-2014-1904
was published
for
org.springframework:spring-webmvc
(Maven)
May 14, 2022
Improper Neutralization of Input During Web Page Generation in Apache ActiveMQ
Moderate
CVE-2014-8110
was published
for
org.apache.activemq:activemq-client
(Maven)
May 14, 2022
Improper Neutralization of Input During Web Page Generation in Apache ActiveMQ
Moderate
CVE-2016-0782
was published
for
org.apache.activemq:activemq-client
(Maven)
May 14, 2022
Improper Neutralization of Input During Web Page Generation in Apache ActiveMQ
Moderate
CVE-2016-0734
was published
for
org.apache.activemq:activemq-client
(Maven)
May 14, 2022
Improper Limitation of a Pathname to a Restricted Directory in Apache ActiveMQ
Moderate
CVE-2015-1830
was published
for
org.apache.activemq:activemq-client
(Maven)
May 14, 2022
Apache Tomcat is vulnerable to HTTP request-smuggling
Moderate
CVE-2013-4286
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
Moderate
CVE-2013-4590
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Apache Tomcat Denial of Service vulnerability
Moderate
CVE-2013-4322
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Integer Overflow or Wraparound in Apache Tomcat
Moderate
CVE-2014-0075
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Improper Neutralization of CRLF Sequences in HTTP Headers in Apache Tomcat
Moderate
CVE-2014-0099
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Improper Input Validation in Apache Tomcat
Moderate
CVE-2014-0096
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Missing XML Validation in Apache Tomcat
Moderate
CVE-2014-0119
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat
Moderate
CVE-2015-5345
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Insufficient Verification of Data Authenticity in Apache Tomcat
Moderate
CVE-2017-7674
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API