Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

10 advisories

Loading
Apache Tomcat Utilities is vulnerable to resource exhaustion when using the APR/Native connector Moderate
CVE-2025-52434 was published for org.apache.tomcat:tomcat-util (Maven) Jul 10, 2025
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability Moderate
CVE-2024-35255 was published for @azure/identity (Go) Jun 11, 2024
scottaddie localden
undertow Race Condition vulnerability Moderate
CVE-2021-3597 was published for io.undertow:undertow-core (Maven) May 25, 2022
Concurrent Execution using Shared Resource with Improper Synchronization in Elasticsearch Moderate
CVE-2019-7614 was published for org.elasticsearch:elasticsearch (Maven) May 24, 2022
Concurrent Execution using Shared Resource with Improper Synchronization in Spring Security Moderate
CVE-2011-2731 was published for org.springframework.security:spring-security-core (Maven) May 17, 2022
Smack allows the bypass of TLS protections Moderate
CVE-2016-10027 was published for org.igniterealtime.smack:smack-core (Maven) May 13, 2022
An issue in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via false member down event messages. Moderate
CVE-2020-35216 was published for io.atomix:atomix (Maven) Dec 17, 2021
Timing based private key exposure in Bouncy Castle Moderate
CVE-2020-15522 was published for BouncyCastle (Maven) Aug 13, 2021
klaudialax
Information disclosure in JBoss Weld Moderate
CVE-2014-8122 was published for org.jboss.weld:weld-core-bom (Maven) Jun 10, 2020
Apache Tomcat Race Condition vulnerability Moderate
CVE-2018-8037 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Oct 17, 2018
sunSUNQ
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database