Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

349 advisories

Loading
Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat Low
CVE-2010-3718 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
oliverchang sunSUNQ
Authentication Bypass in Apache Tomcat Moderate
CVE-2011-1184 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Apache Tomcat Allows Remote Attackers to Spoof AJP Requests High
CVE-2011-3190 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Improper Neutralization of Input During Web Page Generation in Spring Framework Moderate
CVE-2014-1904 was published for org.springframework:spring-webmvc (Maven) May 14, 2022
sunSUNQ
Improper Authentication in Apache WSS4J High
CVE-2014-3612 was published for org.apache.activemq:activemq-broker (Maven) May 14, 2022
sunSUNQ
Improper Neutralization of Special Elements used in an OS Command in Apache ActiveMQ High
CVE-2014-3576 was published for org.apache.activemq:activemq-client (Maven) May 14, 2022
sunSUNQ
Improper Restriction of XML External Entity Reference in Apache ActiveMQ Critical
CVE-2014-3600 was published for org.apache.activemq:activemq-broker (Maven) May 14, 2022
sunSUNQ
Improper Neutralization of Input During Web Page Generation in Apache ActiveMQ Moderate
CVE-2014-8110 was published for org.apache.activemq:activemq-client (Maven) May 14, 2022
sunSUNQ
Improper Neutralization of Input During Web Page Generation in Apache ActiveMQ Moderate
CVE-2016-0782 was published for org.apache.activemq:activemq-client (Maven) May 14, 2022
sunSUNQ
Improper Neutralization of Input During Web Page Generation in Apache ActiveMQ Moderate
CVE-2016-0734 was published for org.apache.activemq:activemq-client (Maven) May 14, 2022
sunSUNQ
Improper Input Validation in Apache ActiveMQ Critical
CVE-2016-3088 was published for org.apache.activemq:activemq-client (Maven) May 14, 2022
sunSUNQ
Improper Limitation of a Pathname to a Restricted Directory in Apache ActiveMQ Moderate
CVE-2015-1830 was published for org.apache.activemq:activemq-client (Maven) May 14, 2022
sunSUNQ
Apache Tomcat is vulnerable to HTTP request-smuggling Moderate
CVE-2013-4286 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat Moderate
CVE-2013-4590 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Apache Tomcat Denial of Service vulnerability Moderate
CVE-2013-4322 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Integer Overflow or Wraparound in Apache Tomcat Moderate
CVE-2014-0075 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Uncontrolled Resource Consumption in Apache Tomcat High
CVE-2014-0230 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Improper Neutralization of CRLF Sequences in HTTP Headers in Apache Tomcat Moderate
CVE-2014-0099 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Missing XML Validation in Apache Tomcat Moderate
CVE-2014-0119 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Improper Input Validation in Apache Tomcat Moderate
CVE-2014-0096 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Improper Access Control in Apache Tomcat High
CVE-2016-0714 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Tomcat High
CVE-2016-6817 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat Moderate
CVE-2015-5345 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat High
CVE-2017-5647 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
kurt-r2c sunSUNQ
r3kumar
Concurrent Execution using Shared Resource with Improper Synchronization in Apache Tomcat High
CVE-2016-8745 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database