GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,412
Erlang
28
GitHub Actions
16
Go
1,650
Maven
4,914
npm
3,437
NuGet
594
pip
2,682
Pub
10
RubyGems
822
Rust
760
Swift
34
Unreviewed advisories
All unreviewed
5,000+
22 advisories
Filter by severity
Improper Neutralization of CRLF Sequences in Wildfly Undertow
Moderate
CVE-2016-4993
was published
for
org.wildfly:wildfly-undertow
(Maven)
May 17, 2022
Get requests in JBoss Enterprise Application Platform (EAP) 7 disclose internal IP addresses to...
Moderate
Unreviewed
CVE-2016-6311
was published
May 17, 2022
The domain controller in Red Hat JBoss Enterprise Application Platform (EAP) 7.x before 7.0.2...
High
Unreviewed
CVE-2016-5406
was published
May 17, 2022
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security:...
Moderate
Unreviewed
CVE-2017-3455
was published
May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity...
Moderate
Unreviewed
CVE-2017-13088
was published
May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup ...
Moderate
Unreviewed
CVE-2017-13086
was published
May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group...
Moderate
Unreviewed
CVE-2017-13087
was published
May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the...
Moderate
Unreviewed
CVE-2017-13081
was published
May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the...
High
Unreviewed
CVE-2017-13082
was published
May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the...
Moderate
Unreviewed
CVE-2017-13079
was published
May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK)...
Moderate
Unreviewed
CVE-2017-13077
was published
May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK)...
Moderate
Unreviewed
CVE-2017-13078
was published
May 13, 2022
An information disclosure vulnerability was found in JBoss Enterprise Application Platform before...
Moderate
Unreviewed
CVE-2016-7061
was published
May 13, 2022
admin-cli before versions 3.0.0.alpha25, 2.2.1.cr2 is vulnerable to an EAP feature to download...
Moderate
Unreviewed
CVE-2016-8627
was published
May 13, 2022
Jboss jbossas before versions 5.2.0-23, 6.4.13, 7.0.5 is vulnerable to an unsafe file handling in...
High
Unreviewed
CVE-2016-8656
was published
May 13, 2022
Red Hat Wildfly DoS
High
CVE-2016-9589
was published
for
org.wildfly:wildfly-undertow
(Maven)
May 13, 2022
It was found in EAP 7 before 7.0.9 that properties based files of the management and the...
Moderate
Unreviewed
CVE-2017-12167
was published
May 13, 2022
It was found that the log file viewer in Red Hat JBoss Enterprise Application 6 and 7 allows...
Moderate
Unreviewed
CVE-2017-2595
was published
May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK)...
Moderate
Unreviewed
CVE-2017-13080
was published
May 13, 2022
Apache ActiveMQ Artemis RCE Via Deserialization Gadget Chain
High
CVE-2016-4978
was published
for
org.apache.activemq:artemis-pom
(Maven)
May 13, 2022
Privilege Escalation in Hibernate Validator
High
CVE-2017-7536
was published
for
org.hibernate:hibernate-validator
(Maven)
Jun 15, 2020
jackson-databind is vulnerable to a deserialization flaw
Critical
CVE-2017-7525
was published
for
com.fasterxml.jackson.core:jackson-databind
(Maven)
Oct 16, 2018
ProTip!
Advisories are also available from the
GraphQL API