Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

5,183 advisories

Loading
Apache DolphinScheduler sensitive information disclosure High
CVE-2023-48796 was published for apache-dolphinscheduler (Maven) Nov 24, 2023
Querydsl SQL/HQL injection High
CVE-2024-49203 was published for com.querydsl:querydsl-apt (Maven) Nov 20, 2024
Undertow Path Traversal vulnerability Moderate
CVE-2024-1459 was published for io.undertow:undertow-core (Maven) Feb 12, 2024
OrangeDog
Apache Ignite communicates to an external PHP server where sensitive information is sent High
CVE-2017-7686 was published for org.apache.ignite:ignite-core (Maven) Oct 16, 2018
High severity vulnerability that affects org.apache.spark:spark-core_2.10 and org.apache.spark:spark-core_2.11 High
CVE-2017-12612 was published for org.apache.spark:spark-core_2.10 (Maven) Nov 9, 2018
Selenium Server (Grid) CSRF High
CVE-2022-28108 was published for org.seleniumhq.selenium:selenium-grid (Maven) Apr 20, 2022
Improper Input Validation vulnerability in Apache Hop Engine Moderate
CVE-2024-24683 was published for org.apache.hop:hop (Maven) Mar 19, 2024
Jenkins HTML Publisher Plugin Stored XSS vulnerability High
CVE-2024-28150 was published for org.jenkins-ci.plugins:htmlpublisher (Maven) Mar 6, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database