Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

128 advisories

Loading
Improper Control of Generation of Code in Apache Camel Moderate
CVE-2013-4330 was published for org.apache.camel:camel-core (Maven) May 13, 2022
sunSUNQ
Apache Camel XML External Entity vulnerability Moderate
CVE-2015-0263 was published for org.apache.camel:camel-core (Maven) Oct 16, 2018
sunSUNQ
Apache Camel allows remote actor to read arbitrary files via external entity in invalid XML string or GenericFile object Moderate
CVE-2015-0264 was published for org.apache.camel:camel-core (Maven) Oct 16, 2018
sunSUNQ
Apache Camel's Mail is vulnerable to path traversal Moderate
CVE-2018-8041 was published for org.apache.camel:camel-mail (Maven) Oct 16, 2018
MarkLee131 sunSUNQ
Denial of Service in Apache ActiveMQ Moderate
CVE-2011-4905 was published for org.apache.activemq:activemq-core (Maven) May 17, 2022
sunSUNQ
Improper Neutralization of Input During Web Page Generation in Apache ActiveMQ Moderate
CVE-2013-1879 was published for org.apache.activemq:activemq-client (Maven) May 17, 2022
sunSUNQ
Apache ActiveMQ Cross-site scripting (XSS) vulnerability in the Portfolio publisher servlet Moderate
CVE-2013-1880 was published for org.apache.activemq:activemq-core (Maven) May 17, 2022
sunSUNQ
Improper Input Validation in Apache ActiveMQ Moderate
CVE-2015-6524 was published for org.apache.activemq:activemq-broker (Maven) May 17, 2022
sunSUNQ
Improper Limitation of a Pathname to a Restricted Directory in Apache ActiveMQ Moderate
CVE-2015-1830 was published for org.apache.activemq:activemq-client (Maven) May 14, 2022
sunSUNQ
Improper Input Validation and Missing Authentication for Critical Function in Apache ActiveMQ Moderate
CVE-2015-7559 was published for org.apache.activemq:activemq-client (Maven) Aug 1, 2019
sunSUNQ
Cross-site request forgery in Apache ActiveMQ Moderate
CVE-2010-1244 was published for org.apache.activemq:activemq-parent (Maven) May 2, 2022
sunSUNQ
Improper Authentication in Apache CXF Moderate
CVE-2012-5633 was published for org.apache.cxf:cxf (Maven) May 13, 2022
sunSUNQ
Improper Authentication in Apache CXF Moderate
CVE-2013-0239 was published for org.apache.cxf:cxf-rt-frontend-jaxrs (Maven) May 5, 2022
sunSUNQ
Improper Input Validation in Apache CXF Moderate
CVE-2014-0034 was published for org.apache.cxf:cxf-rt-ws-security (Maven) May 13, 2022
sunSUNQ
Cleartext Transmission of Sensitive Information in Apache CXF Moderate
CVE-2014-0035 was published for org.apache.cxf:cxf-core (Maven) May 13, 2022
sunSUNQ
Uncontrolled Resource Consumption in Apache CXF Moderate
CVE-2014-0109 was published for org.apache.cxf:cxf-core (Maven) May 13, 2022
sunSUNQ
Uncontrolled Resource Consumption in Apache CXF Moderate
CVE-2014-0110 was published for org.apache.cxf:cxf-core (Maven) May 13, 2022
sunSUNQ
Improper Access Control in Apache CXF Moderate
CVE-2015-5253 was published for org.apache.cxf:cxf-rt-rs-security-sso-saml (Maven) May 13, 2022
sunSUNQ
Improper Neutralization of Input During Web Page Generation in Apache CXF Moderate
CVE-2016-6812 was published for org.apache.cxf:cxf-core (Maven) May 13, 2022
sunSUNQ
Improper Input Validation in Apache CXF Moderate
CVE-2017-12624 was published for org.apache.cxf:cxf-core (Maven) May 13, 2022
sunSUNQ
Improper Certificate Validation in Apache CXF Moderate
CVE-2017-5653 was published for org.apache.cxf:cxf-core (Maven) May 13, 2022
sunSUNQ
Denial of service in Apache Struts Moderate
CVE-2012-4387 was published for org.apache.struts.xwork:xwork-core (Maven) May 17, 2022
sunSUNQ
Apache Struts's CookieInterceptor component does not use the parameter-name whitelist Moderate
CVE-2012-0392 was published for org.apache.struts.xwork:xwork-core (Maven) May 4, 2022
sunSUNQ
Open redirect in Apache Struts Moderate
CVE-2013-2248 was published for org.apache.struts:struts2-core (Maven) May 17, 2022
sunSUNQ
Apache Struts2 Broken Access Control Vulnerability Moderate
CVE-2013-4310 was published for org.apache.struts:struts2-core (Maven) May 17, 2022
sunSUNQ
ProTip! Advisories are also available from the GraphQL API