GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
349 advisories
Filter by severity
Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat
Low
CVE-2010-3718
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Apache Tomcat Allows Remote Attackers to Spoof AJP Requests
High
CVE-2011-3190
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Authentication Bypass in Apache Tomcat
Moderate
CVE-2011-1184
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Improper Neutralization of Input During Web Page Generation in Spring Framework
Moderate
CVE-2014-1904
was published
for
org.springframework:spring-webmvc
(Maven)
May 14, 2022
Improper Authentication in Apache WSS4J
High
CVE-2014-3612
was published
for
org.apache.activemq:activemq-broker
(Maven)
May 14, 2022
Improper Restriction of XML External Entity Reference in Apache ActiveMQ
Critical
CVE-2014-3600
was published
for
org.apache.activemq:activemq-broker
(Maven)
May 14, 2022
Improper Neutralization of Special Elements used in an OS Command in Apache ActiveMQ
High
CVE-2014-3576
was published
for
org.apache.activemq:activemq-client
(Maven)
May 14, 2022
Improper Neutralization of Input During Web Page Generation in Apache ActiveMQ
Moderate
CVE-2014-8110
was published
for
org.apache.activemq:activemq-client
(Maven)
May 14, 2022
Improper Limitation of a Pathname to a Restricted Directory in Apache ActiveMQ
Moderate
CVE-2015-1830
was published
for
org.apache.activemq:activemq-client
(Maven)
May 14, 2022
Improper Neutralization of Input During Web Page Generation in Apache ActiveMQ
Moderate
CVE-2016-0734
was published
for
org.apache.activemq:activemq-client
(Maven)
May 14, 2022
Improper Neutralization of Input During Web Page Generation in Apache ActiveMQ
Moderate
CVE-2016-0782
was published
for
org.apache.activemq:activemq-client
(Maven)
May 14, 2022
Improper Input Validation in Apache ActiveMQ
Critical
CVE-2016-3088
was published
for
org.apache.activemq:activemq-client
(Maven)
May 14, 2022
Apache Tomcat is vulnerable to HTTP request-smuggling
Moderate
CVE-2013-4286
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
Moderate
CVE-2013-4590
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Apache Tomcat Denial of Service vulnerability
Moderate
CVE-2013-4322
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Integer Overflow or Wraparound in Apache Tomcat
Moderate
CVE-2014-0075
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Uncontrolled Resource Consumption in Apache Tomcat
High
CVE-2014-0230
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Improper Input Validation in Apache Tomcat
Moderate
CVE-2014-0096
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Improper Neutralization of CRLF Sequences in HTTP Headers in Apache Tomcat
Moderate
CVE-2014-0099
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Missing XML Validation in Apache Tomcat
Moderate
CVE-2014-0119
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Improper Access Control in Apache Tomcat
High
CVE-2016-0714
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
High
CVE-2017-5647
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Concurrent Execution using Shared Resource with Improper Synchronization in Apache Tomcat
High
CVE-2016-8745
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat
Moderate
CVE-2015-5345
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Tomcat
High
CVE-2016-6817
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API