GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
68 advisories
Apache Hadoop: Temporary File Local Information Disclosure
Low
CVE-2024-23454
was published
for
org.apache.hadoop:hadoop-common
(Maven)
Sep 25, 2024
Neo4j Cypher component mishandles IMMUTABLE privileges
Moderate
CVE-2024-34517
was published
for
org.neo4j:neo4j-cypher
(Maven)
May 7, 2024
Apache Kafka Clients: Privilege escalation to filesystem read-access via automatic ConfigProvider
Moderate
CVE-2024-31141
was published
for
org.apache.kafka:kafka-clients
(Maven)
Nov 19, 2024
Issue with whitespace in JWT roles in OpenSearch
Moderate
CVE-2023-23612
was published
for
org.opensearch.plugin:opensearch-security
(Maven)
Jan 24, 2023
Apache Spark vulnerable to Improper Privilege Management
Critical
CVE-2023-22946
was published
for
org.apache.spark:spark-core_2.12
(Maven)
Apr 17, 2023
Improper JWT Signature Validation in SAP Security Services Library
Critical
CVE-2023-50422
was published
for
com.sap.cloud.security.xsuaa:spring-xsuaa
(Maven)
Dec 13, 2023
In XWiki Platform, payloads stored in content is executed when a user with script/programming right edit them
Critical
CVE-2024-43401
was published
for
org.xwiki.platform:xwiki-platform-web-templates
(Maven)
Aug 19, 2024
Cloud Foundry UAA password reset vulnerability
High
CVE-2017-4991
was published
for
org.cloudfoundry.identity:cloudfoundry-identity-server
(Maven)
May 13, 2022
Authorization bypass in org.springframework.security.oauth:spring-security-oauth2
High
CVE-2018-15758
was published
for
org.springframework.security.oauth:spring-security-oauth2
(Maven)
Oct 19, 2018
ProTip!
Advisories are also available from the
GraphQL API