GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
15 advisories
Filter by severity
Undertow vulnerable to Race Condition
High
CVE-2024-7885
was published
for
io.undertow:undertow-core
(Maven)
Aug 21, 2024
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability
Moderate
CVE-2024-35255
was published
for
@azure/identity
(Go)
Jun 11, 2024
Apache Tomcat Race Condition vulnerability
Low
CVE-2021-43980
was published
for
org.apache.tomcat:tomcat
(Maven)
Sep 29, 2022
undertow Race Condition vulnerability
Moderate
CVE-2021-3597
was published
for
io.undertow:undertow-core
(Maven)
May 25, 2022
Concurrent Execution using Shared Resource with Improper Synchronization in Elasticsearch
Moderate
CVE-2019-7614
was published
for
org.elasticsearch:elasticsearch
(Maven)
May 24, 2022
Concurrent Execution using Shared Resource with Improper Synchronization in Spring Security
Moderate
CVE-2011-2731
was published
for
org.springframework.security:spring-security-core
(Maven)
May 17, 2022
Apache Guacamole Race Condition vulnerability
High
CVE-2017-3158
was published
for
org.apache.guacamole:guacamole-common
(Maven)
May 14, 2022
Race Condition in Jenkins
High
CVE-2017-1000503
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 14, 2022
Concurrent Execution using Shared Resource with Improper Synchronization in Apache Tomcat
High
CVE-2016-8745
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Improper synchronization in Apache Netbeans HTML/Java API
High
CVE-2020-17534
was published
for
org.netbeans.html:pom
(Maven)
Feb 9, 2022
An issue in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via false member down event messages.
Moderate
CVE-2020-35216
was published
for
io.atomix:atomix
(Maven)
Dec 17, 2021
Timing based private key exposure in Bouncy Castle
Moderate
CVE-2020-15522
was published
for
BouncyCastle
(Maven)
Aug 13, 2021
Information disclosure in JBoss Weld
Moderate
CVE-2014-8122
was published
for
org.jboss.weld:weld-core-bom
(Maven)
Jun 10, 2020
Race condition in org.apache.hbase:hbase-thrift
High
CVE-2018-8025
was published
for
org.apache.hbase:hbase-thrift
(Maven)
Oct 18, 2018
Apache Tomcat Race Condition vulnerability
Moderate
CVE-2018-8037
was published
for
org.apache.tomcat.embed:tomcat-embed-core
(Maven)
Oct 17, 2018
ProTip!
Advisories are also available from the
GraphQL API