Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

349 advisories

Loading
Cloud Foundry UAA SessionID present in Audit Event Logs High
CVE-2018-1192 was published for org.cloudfoundry.identity:cloudfoundry-identity-server (Maven) May 14, 2022
sunSUNQ
Apache Struts vulnerable to possible DoS attack when using URLValidator Moderate
CVE-2016-8738 was published for org.apache.struts:struts2-core (Maven) May 14, 2022
sunSUNQ
Improper Neutralization of Input During Web Page Generation in Apache Tomcat High
CVE-2015-5346 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Cloud Foundry UAA open redirect Moderate
CVE-2018-11041 was published for org.cloudfoundry.identity:cloudfoundry-identity-server (Maven) May 14, 2022
sunSUNQ
Apache Tomcat does not enforce the maxHttpHeaderSize limit High
CVE-2011-0534 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Apache Tomcat allows remote attackers to bypass intended access restrictions Moderate
CVE-2011-1088 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Access controll bypass in Apache Tomcat Moderate
CVE-2011-1183 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Access restriction bypass in Apache Tomcat Moderate
CVE-2011-1582 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Spring Framework and Spring Security vulnerable to Deserialization of Untrusted Data Moderate
CVE-2011-2894 was published for org.springframework.security:spring-security-core (Maven) May 14, 2022
sunSUNQ
Cross-Site Request Forgery in Apache Struts Moderate
CVE-2014-7809 was published for org.apache.struts:struts2-core (Maven) May 14, 2022
sunSUNQ
Apache ActiveMQ Sensitive Information Disclosure via the Jetty ResourceHandler Moderate
CVE-2010-1587 was published for org.apache.activemq:activemq-web-console (Maven) May 14, 2022
sunSUNQ
Improper Neutralization of Input During Web Page Generation in Apache Tomcat Moderate
CVE-2010-4172 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ MarkLee131
Apache Tomcat affected by infinite loop in Double.parseDouble method in Java Runtime Environment Moderate
CVE-2010-4476 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Arbitrary code execution in Apache Struts 2 High
CVE-2013-2134 was published for org.apache.struts.xwork:xwork-core (Maven) May 14, 2022
sunSUNQ
Arbitrary code execution in Apache Struts 2 High
CVE-2013-2135 was published for org.apache.struts.xwork:xwork-core (Maven) May 14, 2022
sunSUNQ
Cross-site Scripting in Apache Struts Moderate
CVE-2016-4003 was published for org.apache.struts:struts2-core (Maven) May 14, 2022
sunSUNQ
Apache Struts Code injection due to conversion error High
CVE-2012-0838 was published for org.apache.struts.xwork:xwork-core (Maven) May 14, 2022
sunSUNQ
Cloud Foundry vulnerable to Improper Certificate Validation Moderate
CVE-2016-5016 was published for org.cloudfoundry.identity:cloudfoundry-identity-server (Maven) May 14, 2022
sunSUNQ
Improper Verification of Source of a Communication Channel in Apache Tomcat Moderate
CVE-2016-0763 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Directory Traversal in Apache Tomcat Moderate
CVE-2008-5515 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
MarkLee131 sunSUNQ
Insertion of Sensitive Information into Log File in Apache Tomcat Moderate
CVE-2011-2204 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Apache Tomcat does not properly handle an invalid Transfer-Encoding header Moderate
CVE-2010-2227 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Improper Authentication in Apache Tomcat Moderate
CVE-2011-5063 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Improper Input Validation in Apache Tomcat Moderate
CVE-2011-2526 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Improper Authentication in Apache Tomcat Moderate
CVE-2011-5062 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
ProTip! Advisories are also available from the GraphQL API