Vulnerability Database
Vulnerabilities
| ID | Packages | Summary | Published | Attributes |
| --- | --- | --- | --- | --- |
| GHSA-pvp8-3xj6-8c6x | Maven/commons-configuration:commons-configuration | Apache Commons Configuration Uncontrolled Resource Consumption | 3 days ago | No fix available; Severity - 2.7 (Low) |
| GHSA-889j-63jv-qhr8 | Maven/org.eclipse.jetty.http2:jetty-http2-common | Eclipse Jetty HTTP/2 client can force the server to allocate a humongous byte buffer that may lead to OoM and subsequently the JVM to exit | 3 days ago | Fix available; Severity - 7.5 (High) |
| GHSA-q4rv-gq96-w7c5 | Maven/org.eclipse.jetty:jetty-server | **UNSUPPORTED WHEN ASSIGNED** GzipHandler causes part of request body to be seen as request body of a separate request | 3 days ago | Fix available; Severity - 7.2 (High) |
| GHSA-72qj-48g4-5xgx | Maven/rubygems:jruby-openssl, Maven/org.jruby:jruby | JRuby-OpenSSL has hostname verification disabled by default | 4 days ago | Fix available; Severity - 5.7 (Medium) |
| GHSA-76vf-mpmx-777j | Maven/org.graylog2:graylog2-server | Graylog Allows Session Takeover via Insufficient HTML Sanitization | 4 days ago | Fix available; Severity - 8.0 (High) |
| GHSA-q9q2-3ppx-mwqf | Maven/org.graylog2:graylog2-server | Graylog Allows Stored Cross-Site Scripting via Files Plugin and API Browser | 4 days ago | Fix available; Severity - 7.3 (High) |
| GHSA-whxr-3p84-rf3c | Maven/org.apache.activemq:activemq-openwire-legacy, Maven/org.apache.activemq:activemq-client | Apache ActiveMQ: Unchecked buffer length can cause excessive memory allocation | 5 days ago | Fix available; Severity - 6.9 (Medium) |
| GHSA-f7jh-m6wp-jm7f | Maven/org.jboss.hal:hal-console | HAL Cross Site Scripting (XSS) vulnerability of user input when storing it in a data store | 5 days ago | Fix available; Severity - 4.6 (Medium) |
| GHSA-p2f8-vq4r-gqg3 | Maven/com.liferay:com.liferay.marketplace.app.manager.web | Liferay Portal Reflected XSS in marketplace-app-manager-web | 5 days ago | Fix available; Severity - 6.9 (Medium) |
| GHSA-53wx-pr6q-m3j5 | Maven/org.apache.parquet:parquet-avro | Apache Parquet Java: Potential malicious code execution from trusted packages in the parquet-avro module when reading an Avro schema from a Parquet file metadata | 6 days ago | Fix available; Severity - 7.1 (High) |
| GHSA-w7xj-pj5f-8pwh | Maven/com.baidu.mapp:brcc-core | BRCC Incorrect Access Control vulnerability | 6 days ago | No fix available; Severity - 9.8 (Critical) |
| GHSA-h94w-8qhg-3xmc | Maven/org.wso2.am:am-distribution-parent | WSO2 API Manager XML External Entity (XXE) vulnerability | 05 May | Fix available; Severity - 9.1 (Critical) |
| GHSA-5jfq-x6xp-7rw2 | Maven/org.keycloak:keycloak-services | Keycloak vulnerable to two factor authentication bypass | 30 Apr | Fix available; Severity - 5.4 (Medium) |
| GHSA-hw58-3793-42gg | Maven/org.keycloak:keycloak-services | Keycloak hostname verification | 30 Apr | Fix available; Severity - 8.2 (High) |
| GHSA-8g2j-rhfh-hq3r | Maven/org.xwiki.contrib.markdown:syntax-markdown-commonmark12 | org.xwiki.contrib.markdown:syntax-markdown-commonmark12 vulnerable to XSS via Markdown content | 30 Apr | Fix available; Severity - 9.0 (Critical) |
| GHSA-f9c6-2f9p-82jj | Maven/org.xwiki.platform:xwiki-platform-security-authentication-ui | Any user with view access to the XWiki space can change the authenticator | 30 Apr | Fix available; Severity - 8.4 (High) |
Maven - OSV