Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

2,450 advisories

Loading
Denial of Service in org.springframework:spring-core Moderate
CVE-2018-1257 was published for org.springframework:spring-core (Maven) Oct 17, 2018
sunSUNQ MarkLee131
There is a XML external entity expansion (XXE) vulnerability in Apache Solr config files Moderate
CVE-2018-8010 was published for org.apache.solr:solr-core (Maven) Oct 17, 2018
MarkLee131
XML external entity expansion in org.apache.solr:solr-core Moderate
CVE-2018-8026 was published for org.apache.solr:solr-core (Maven) Oct 17, 2018
MarkLee131
Moderate severity vulnerability that affects org.apache.mesos:mesos Moderate
CVE-2018-8023 was published for org.apache.mesos:mesos (Maven) Oct 17, 2018
Moderate severity vulnerability that affects org.apache.storm:storm-core Moderate
CVE-2018-1332 was published for org.apache.storm:storm-core (Maven) Oct 17, 2018
In Apache PDFBox a carefully crafted PDF file can trigger an extremely long running computation Moderate
CVE-2018-11797 was published for org.apache.pdfbox:pdfbox (Maven) Oct 17, 2018
Moderate severity vulnerability that affects org.apache.ranger:ranger Moderate
CVE-2017-7677 was published for org.apache.ranger:ranger (Maven) Oct 17, 2018
Apache Ranger policy engine incorrectly matches paths in certain conditions Moderate
CVE-2016-8746 was published for org.apache.ranger:ranger-plugins-common (Maven) Oct 17, 2018
Apache Ranger admin users can store some arbitrary javascript code to be executed when normal users login and access policies Moderate
CVE-2016-8751 was published for org.apache.ranger:ranger (Maven) Oct 17, 2018
Moderate severity vulnerability that affects org.apache.ranger:ranger Moderate
CVE-2016-6815 was published for org.apache.ranger:ranger (Maven) Oct 17, 2018
Apache Ranger allows remote authenticated administrators to inject arbitrary web script or HTML Moderate
CVE-2016-5395 was published for org.apache.ranger:ranger (Maven) Oct 17, 2018
Apache Tomcat Race Condition vulnerability Moderate
CVE-2018-8037 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Oct 17, 2018
sunSUNQ
Apache Tomcat information exposure vulnerability Moderate
CVE-2018-1305 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Oct 17, 2018
sunSUNQ
Apache Tomcat unauthorized access vulnerability Moderate
CVE-2018-1304 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Oct 17, 2018
sunSUNQ
Apache Tomcat Open Redirect vulnerability Moderate
CVE-2018-11784 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Oct 17, 2018
sunSUNQ
Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15 Moderate
CVE-2015-7940 was published for org.bouncycastle:bcprov-jdk14 (Maven) Oct 17, 2018
Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15 Moderate
CVE-2016-1000341 was published for org.bouncycastle:bcprov-jdk14 (Maven) Oct 17, 2018
Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15 Moderate
CVE-2016-1000339 was published for org.bouncycastle:bcprov-jdk14 (Maven) Oct 17, 2018
Moderate severity vulnerability that affects io.vertx:vertx-core Moderate
CVE-2018-12544 was published for io.vertx:vertx-core (Maven) Oct 17, 2018
MarkLee131
Excessive memory allocation Moderate
CVE-2018-12541 was published for io.vertx:vertx-core (Maven) Oct 17, 2018
tdunlap607
Moderate severity vulnerability that affects org.apache.tika:tika-core Moderate
CVE-2018-1338 was published for org.apache.tika:tika-core (Maven) Oct 17, 2018
Comparison errorr in org.apache.tika:tika-core Moderate
CVE-2018-8017 was published for org.apache.tika:tika-core (Maven) Oct 17, 2018
MarkLee131
Moderate severity vulnerability that affects org.apache.tika:tika-core Moderate
CVE-2018-11762 was published for org.apache.tika:tika-core (Maven) Oct 17, 2018
Apache Tika Server exposes sensitive information Moderate
CVE-2015-3271 was published for org.apache.tika:tika-server (Maven) Oct 17, 2018
ProTip! Advisories are also available from the GraphQL API