GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
64 advisories
Graylog vulnerable to privilege escalation through API tokens
High
CVE-2025-53106
was published
for
org.graylog2:graylog2-server
(Maven)
Jun 30, 2025
Graylog's Authenticated HTTP inputs ingest message even if Authorization header is missing or has wrong value
Moderate
CVE-2025-30373
was published
for
org.graylog2:graylog2-server
(Maven)
Apr 7, 2025
XWiki users registered with email verification can self re-activate their disabled accounts
High
CVE-2021-32620
was published
for
org.xwiki.commons:xwiki-commons-core
(Maven)
May 18, 2021
Authorization bypass in Spring Security
Critical
CVE-2022-22978
was published
for
org.springframework.security:spring-security-core
(Maven)
May 20, 2022
Quarkus: authorization flaw in quarkus resteasy reactive and classic
Moderate
CVE-2023-5675
was published
for
io.quarkus:quarkus-resteasy-reactive-common
(Maven)
Apr 25, 2024
Improper Authorization in Jenkins Core
High
CVE-2019-1003003
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 13, 2022
Memory usage graphs accessible to anyone with Overall/Read
Moderate
CVE-2020-2104
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 24, 2022
Improper permission checks in Jenkins Copy Artifact Plugin
Moderate
CVE-2020-2183
was published
for
org.jenkins-ci.plugins:copyartifact
(Maven)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API