Vulnerability Database
Blog
FAQ
Docs
Vulnerability Library
search
All ecosystems
116792
AlmaLinux
2819
Alpine
3399
Android
890
Bitnami
3902
CRAN
10
crates.io
1352
Debian
9878
GIT
33039
GitHub Actions
16
Go
2172
Hackage
18
Hex
30
Linux
13573
Maven
4887
npm
14431
NuGet
582
OSS-Fuzz
3305
Packagist
3406
Pub
8
PyPI
11934
Rocky Linux
1192
RubyGems
789
SwiftURL
31
Ubuntu
5129
ID
Packages
Summary
Affected versions
Published
Fix
GHSA-wpcv-5jgp-69f3
Maven/com.netflix.genie:genie-web
Genie Path Traversal vulnerability via File Uploads
0.20
0.21
0.22
0.23
0.24
1.0.0
1.0.1
...
2024-05-09T21:35:23Z
Fix available
GHSA-fgh3-pwmp-3qw3
Maven/org.apache.inlong:manager-pojo
Apache Inlong Deserialization of Untrusted Data vulnerability
1.10.0
1.11.0
1.7.0
1.8.0
1.9.0
2024-05-08T15:30:42Z
Fix available
GHSA-p343-9qwp-pqxv
Maven/org.neo4j:neo4j-cypher
Neo4j Cypher component mishandles IMMUTABLE privileges
1.4
1.4.1
1.4.2
1.4.M04
1.4.M05
1.4.M06
1.5
...
2024-05-07T18:30:34Z
Fix available
GHSA-64cm-3cj3-67hf
Maven/net.mingsoft:ms-basic
MS Basic Cross-site Scripting vulnerability
1.0.0
1.0.1
1.0.10
1.0.11
1.0.12
1.0.13
1.0.14
...
2024-05-07T18:30:33Z
No fix available
GHSA-2x52-8f29-7cjr
Maven/org.eclipse.edc:connector-core
Eclipse Dataspace Components vulnerable to OAuth2 client secret disclosure
0.2.1
0.3.0
0.3.1
0.4.0
0.4.1
0.5.0
0.5.1
...
2024-05-07T15:30:36Z
Fix available
GHSA-4h8f-2wvx-gg5w
Maven/org.bouncycastle:bcprov-jdk18on
Maven/org.bouncycastle:bcprov-jdk15to18
Maven/org.bouncycastle:bcprov-jdk14
Maven/org.bouncycastle:bcprov-jdk13
Maven/org.bouncycastle:bcprov-jdk12
Bouncy Castle Java Cryptography API vulnerable to DNS poisoning
1.71
1.71.1
1.72
1.73
1.74
1.75
1.76
...
2024-05-03T18:30:37Z
Fix available
GHSA-vpw3-3prf-3974
Maven/org.apache.hive:hive-jdbc
Apache Hive Code Injection vulnerability
4.0.0-alpha-1
4.0.0-alpha-2
4.0.0-beta-1
2024-05-03T09:30:52Z
Fix available
GHSA-2g4q-9vm9-9fw4
Maven/org.jenkins-ci.plugins:script-security
Jenkins Script Security Plugin sandbox bypass vulnerability
1.0
1.0-beta-1
1.0-beta-2
1.0-beta-3
1.0-beta-4
1.0-beta-5
1.0-beta-6
...
2024-05-02T15:30:35Z
Fix available
GHSA-94pr-w968-h923
Maven/org.jenkins-ci.plugins:telegrambot
Jenkins Telegram Bot Plugin stores the Telegram Bot token in plaintext
See details.
2024-05-02T15:30:35Z
No fix available
GHSA-phh3-2p9m-w6j5
Maven/org.jenkins-ci.plugins:partial-release-manager
Jenkins Subversion Partial Release Manager Plugin programmatically disables the fix for CVE-2016-3721
See details.
2024-05-02T15:30:35Z
No fix available
GHSA-v63g-v339-2673
Maven/org.jenkins-ci.plugins:script-security
Jenkins Script Security Plugin has sandbox bypass vulnerability involving crafted constructor bodies
1.0
1.0-beta-1
1.0-beta-2
1.0-beta-3
1.0-beta-4
1.0-beta-5
1.0-beta-6
...
2024-05-02T15:30:35Z
Fix available
GHSA-x7g6-rwhc-g7mj
Maven/org.wildfly:wildfly-domain-http
Wildfly vulnerable to denial of service
8.0.0.Alpha1
8.0.0.Alpha2
8.0.0.Alpha3
8.0.0.Alpha4
8.0.0.Beta1
8.0.0.CR1
8.0.0.Final
...
2024-05-02T15:30:35Z
No fix available
GHSA-xh9c-vcf9-h94m
Maven/org.jenkins-ci.plugins:git-server
Jenkins Git server Plugin does not perform a permission check
1.0
1.1
1.10
1.11
1.2
1.3
1.4
...
2024-05-02T15:30:35Z
Fix available
GHSA-gj5m-m88j-v7c3
Maven/org.apache.activemq:apache-activemq
Apache ActiveMQ's default configuration doesn't secure the API web context
6.0.0
6.0.1
6.1.0
6.1.1
2024-05-02T09:30:48Z
Fix available
GHSA-chfm-68vv-pvw5
Maven/org.xmlunit:xmlunit-core
XMLUnit for Java has Insecure Defaults when Processing XSLT Stylesheets
2.0.0
2.0.0-alpha-02
2.0.0-alpha-03
2.0.0-alpha-04
2.1.0
2.1.1
2.2.0
...
2024-05-01T16:40:01Z
Fix available
GHSA-25w4-hfqg-4r52
Maven/io.quarkus:quarkus-resteasy-reactive-common-deployment
Maven/io.quarkus:quarkus-resteasy-reactive-common
Quarkus: authorization flaw in quarkus resteasy reactive and classic
1.11.0.Beta1
1.11.0.Beta2
1.11.0.CR1
1.11.0.Final
1.11.1.Final
1.11.2.Final
1.11.3.Final
...
2024-04-25T18:30:39Z
Fix available
Load more...
Maven - OSV