Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,413
Erlang
29
GitHub Actions
16
Go
1,653
Maven
4,915
npm
3,442
NuGet
594
pip
2,832
Pub
10
RubyGems
823
Rust
763
Swift
34
Unreviewed advisories
All unreviewed
5,000+

13 advisories

An information disclosure vulnerability in the Qualcomm bootloader could help to enable a local... High Unreviewed
CVE-2017-0455 was published May 17, 2022
The Tomcat package on Red Hat Enterprise Linux (RHEL) 5 through 7, JBoss Web Server 3.0, and... High Unreviewed
CVE-2016-6325 was published May 14, 2022
The Tomcat init script in the tomcat7 package before 7.0.56-3+deb8u4 and tomcat8 package before 8... High Unreviewed
CVE-2016-1240 was published May 14, 2022
Concurrent Execution using Shared Resource with Improper Synchronization in Apache Tomcat High
CVE-2016-8745 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Improper Input Validation in Apache Tomcat High
CVE-2016-6816 was published for org.apache.tomcat:tomcat-coyote (Maven) May 13, 2022
sunSUNQ
Apache Tomcat Improper Access Control vulnerability Critical
CVE-2016-8735 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) May 13, 2022
sunSUNQ westonsteimel
Apache Tomcat vulnerable to SecurityManager bypass High
CVE-2016-6796 was published for org.apache.tomcat:tomcat (Maven) May 13, 2022
sunSUNQ
System Property Disclosure in Apache Tomcat Moderate
CVE-2016-6794 was published for org.apache.tomcat:tomcat (Maven) May 13, 2022
sunSUNQ
Authentication Bypass Using an Alternate Path or Channel in Apache Tomcat Critical
CVE-2016-5018 was published for org.apache.tomcat.embed:tomcat-embed-jasper (Maven) May 13, 2022
sunSUNQ westonsteimel
Observable Discrepancy in Apache Tomcat Moderate
CVE-2016-0762 was published for org.apache.tomcat:tomcat (Maven) May 13, 2022
sunSUNQ
Incorrect Authorization in Apache Tomcat High
CVE-2016-6797 was published for org.apache.tomcat:tomcat (Maven) May 13, 2022
sunSUNQ
An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite... High Unreviewed
CVE-2017-12103 was published May 13, 2022
High severity vulnerability that affects commons-fileupload:commons-fileupload High
CVE-2016-3092 was published for commons-fileupload:commons-fileupload (Maven) Dec 21, 2018
ProTip! Advisories are also available from the GraphQL API