Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,412
Erlang
28
GitHub Actions
16
Go
1,650
Maven
4,914
npm
3,437
NuGet
594
pip
2,682
Pub
10
RubyGems
822
Rust
760
Swift
34
Unreviewed advisories
All unreviewed
5,000+

22 advisories

Improper Neutralization of CRLF Sequences in Wildfly Undertow Moderate
CVE-2016-4993 was published for org.wildfly:wildfly-undertow (Maven) May 17, 2022
Get requests in JBoss Enterprise Application Platform (EAP) 7 disclose internal IP addresses to... Moderate Unreviewed
CVE-2016-6311 was published May 17, 2022
The domain controller in Red Hat JBoss Enterprise Application Platform (EAP) 7.x before 7.0.2... High Unreviewed
CVE-2016-5406 was published May 17, 2022
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security:... Moderate Unreviewed
CVE-2017-3455 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity... Moderate Unreviewed
CVE-2017-13088 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup ... Moderate Unreviewed
CVE-2017-13086 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group... Moderate Unreviewed
CVE-2017-13087 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the... Moderate Unreviewed
CVE-2017-13081 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the... High Unreviewed
CVE-2017-13082 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the... Moderate Unreviewed
CVE-2017-13079 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK)... Moderate Unreviewed
CVE-2017-13077 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK)... Moderate Unreviewed
CVE-2017-13078 was published May 13, 2022
An information disclosure vulnerability was found in JBoss Enterprise Application Platform before... Moderate Unreviewed
CVE-2016-7061 was published May 13, 2022
admin-cli before versions 3.0.0.alpha25, 2.2.1.cr2 is vulnerable to an EAP feature to download... Moderate Unreviewed
CVE-2016-8627 was published May 13, 2022
Jboss jbossas before versions 5.2.0-23, 6.4.13, 7.0.5 is vulnerable to an unsafe file handling in... High Unreviewed
CVE-2016-8656 was published May 13, 2022
Red Hat Wildfly DoS High
CVE-2016-9589 was published for org.wildfly:wildfly-undertow (Maven) May 13, 2022
It was found in EAP 7 before 7.0.9 that properties based files of the management and the... Moderate Unreviewed
CVE-2017-12167 was published May 13, 2022
It was found that the log file viewer in Red Hat JBoss Enterprise Application 6 and 7 allows... Moderate Unreviewed
CVE-2017-2595 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK)... Moderate Unreviewed
CVE-2017-13080 was published May 13, 2022
Apache ActiveMQ Artemis RCE Via Deserialization Gadget Chain High
CVE-2016-4978 was published for org.apache.activemq:artemis-pom (Maven) May 13, 2022
Privilege Escalation in Hibernate Validator High
CVE-2017-7536 was published for org.hibernate:hibernate-validator (Maven) Jun 15, 2020
JesseEstum
jackson-databind is vulnerable to a deserialization flaw Critical
CVE-2017-7525 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Oct 16, 2018
sunSUNQ
ProTip! Advisories are also available from the GraphQL API