Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

639 advisories

Loading
Cross-site Scripting in Apache ActiveMQ Moderate
CVE-2012-6092 was published for org.apache.activemq:activemq-core (Maven) May 17, 2022
MarkLee131
Apache ActiveMQ Cross-site scripting (XSS) vulnerability in the Portfolio publisher servlet Moderate
CVE-2013-1880 was published for org.apache.activemq:activemq-core (Maven) May 17, 2022
sunSUNQ
Apache Struts XSS Vulnerability Moderate
CVE-2016-2162 was published for org.apache.struts:struts2-core (Maven) May 17, 2022
sunSUNQ
JacksonJsonpInterceptor susceptible to cross-site script inclusion (XSSI) attack Moderate
CVE-2016-6348 was published for org.jboss.resteasy:resteasy-client (Maven) May 17, 2022
Improper Neutralization of Input During Web Page Generation in RESTEasy Moderate
CVE-2016-6347 was published for org.jboss.resteasy:resteasy-client (Maven) May 17, 2022
Cross-site Scripting in Apache NiFi Moderate
CVE-2017-7665 was published for org.apache.nifi:nifi (Maven) May 17, 2022
Apache OpenMeetings Cross-site Scripting vulnerability Moderate
CVE-2017-7663 was published for org.apache.openmeetings:openmeetings-parent (Maven) May 17, 2022
Apache Solr Cross-site scripting Vulnerability Moderate
CVE-2015-8796 was published for org.apache.solr:solr (Maven) May 17, 2022
Mayaa Cross-site Scripting vulnerability Moderate
CVE-2008-5720 was published for com.github.seasarorg.mayaa:mayaa (Maven) May 17, 2022
Liferay Portal Vulnerable to XSS via a Knowledge Base Article Title Moderate
CVE-2017-12647 was published for com.liferay.portal:release.portal.bom (Maven) May 17, 2022
Liferay Portal XSS Vulnerability Moderate
CVE-2017-12646 was published for com.liferay.portal:release.portal.bom (Maven) May 17, 2022
Liferay Portal XSS Vulnerability Moderate
CVE-2017-12648 was published for com.liferay.portal:release.portal.bom (Maven) May 17, 2022
Liferay Portal Vulnerable to XSS via an Invalid portletId Moderate
CVE-2017-12645 was published for com.liferay.portal:release.portal.bom (Maven) May 17, 2022
Liferay Portal Vulnerable to XSS via a Crafted Redirect Field Moderate
CVE-2016-10404 was published for com.liferay.portal:release.portal.bom (Maven) May 17, 2022
Liferay Portal Vulnerable to XSS via Mishandled Title or Summary in the Web Content Display Moderate
CVE-2017-12649 was published for com.liferay.portal:release.portal.bom (Maven) May 17, 2022
Improper Neutralization of Input During Web Page Generation in Google Web Toolkit Moderate
CVE-2013-4204 was published for com.google.gwt:gwt (Maven) May 17, 2022
Apache Struts Multiple Cross-site Scripting Vulnerabilities Moderate
CVE-2012-1006 was published for org.apache.struts:struts2-parent (Maven) May 17, 2022
Improper Neutralization of Input During Web Page Generation in Apache ActiveMQ Moderate
CVE-2013-1879 was published for org.apache.activemq:activemq-client (Maven) May 17, 2022
sunSUNQ
Jenkins cross-site scripting (XSS) vulnerability Moderate
CVE-2014-2067 was published for org.jenkins-ci.main:jenkins-core (Maven) May 17, 2022
sunSUNQ
Insecure cookie storage in Apache Atlas Moderate
CVE-2017-3150 was published for org.apache.atlas:atlas-common (Maven) May 17, 2022
Cross-site Scripting in Apache Atlas Moderate
CVE-2017-3153 was published for org.apache.atlas:atlas-common (Maven) May 17, 2022
Cross-site Scripting in Apache Atlas Moderate
CVE-2017-3152 was published for org.apache.atlas:atlas-common (Maven) May 17, 2022
Cross-site Scripting in Apache Atlas Moderate
CVE-2017-3155 was published for org.apache.atlas:atlas-common (Maven) May 17, 2022
Cross-site Scripting In Apache Brooklyn Moderate
CVE-2017-3165 was published for org.apache.brooklyn:brooklyn (Maven) May 17, 2022
Persistent XSS vulnerability in Jenkins OWASP Dependency-Check Plugin Moderate
CVE-2017-1000109 was published for org.jenkins-ci.plugins:dependency-check-jenkins-plugin (Maven) May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database