Vulnerability Database
Blog
FAQ
Docs
Vulnerabilities
search
All ecosystems
310242
AlmaLinux
3618
Alpine
3724
Android
2909
Bitnami
5590
Chainguard
27225
CRAN
10
crates.io
1717
Debian
46286
GHC
3
GIT
28972
GitHub Actions
28
Go
4303
Hackage
23
Hex
36
Linux
13573
Mageia
5622
Maven
5560
MinimOS
1631
npm
26432
NuGet
1439
openSUSE
10040
OSS-Fuzz
3614
Packagist
4718
Pub
10
PyPI
15871
Red Hat
16105
Rocky Linux
1757
RubyGems
1683
SUSE
16317
SwiftURL
35
Ubuntu
46498
Wolfi
14893
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-mf3r-6m25-3867
Maven/com.liferay.portal:com.liferay.portal.kernel
Liferay Portal SessionClicks does not restrict the saving of request parameters in the HTTP session
2 hours ago
Fix available
Severity - 8.7 (High)
GHSA-vv7r-c36w-3prj
Maven/org.apache.commons:commons-fileupload2-core
Apache Commons FileUpload, Apache Commons FileUpload: FileUpload DoS via part headers
2 hours ago
Fix available
Severity - 8.7 (High)
GHSA-8c26-xm99-53w7
Maven/com.liferay:com.liferay.portal.vulcan.impl
Liferay Portal does not limit the depth of a GraphQL queries
2 hours ago
Fix available
Severity - 8.7 (High)
GHSA-59w6-r9hm-439h
Maven/org.xwiki.platform:xwiki-platform-security-requiredrights-default
XWiki does not require right warnings for XClass definitions
2 days ago
Fix available
Severity - 8.6 (High)
GHSA-jp4x-w9cj-97q7
Maven/org.xwiki.platform:xwiki-platform-oldcore
XWiki allows remote code execution through preview of XClass changes in AWM editor
2 days ago
Fix available
Severity - 8.7 (High)
GHSA-j7p2-87q3-44w7
Maven/org.xwiki.platform:xwiki-platform-notifications-notifiers-default
XWiki does not require right warnings for notification displayer objects
2 days ago
Fix available
Severity - 6.4 (Medium)
GHSA-mvp5-qx9c-c3fv
Maven/org.xwiki.platform:xwiki-platform-rest-server
XWiki makes title of inaccessible pages available through the class property values REST API
2 days ago
Fix available
Severity - 8.7 (High)
GHSA-ff6v-w58f-v97w
Maven/org.xwiki.platform:xwiki-platform-notifications-notifiers-default
XWiki provides no warning when granting XWiki.Notifications.Code.NotificationEmailRendererClass admin right
2 days ago
Fix available
Severity - 5.1 (Medium)
GHSA-c32m-27pj-4xcj
Maven/org.xwiki.platform:xwiki-platform-rendering-xwiki
Maven/org.xwiki.platform:xwiki-platform-rendering-macro-cache
Maven/org.xwiki.platform:xwiki-platform-security-requiredrights-default
Maven/org.xwiki.platform:xwiki-platform-rendering-macro-context
XWiki's required right warnings for macros are incomplete
2 days ago
Fix available
Severity - 8.6 (High)
GHSA-m63q-4hr8-5r5h
Maven/org.noear:solon-faas-luffy
Solon Vulnerable to Directory Traversal
3 days ago
Fix available
Severity - 6.1 (Medium)
GHSA-6r3c-xf4w-jxjm
Maven/org.springframework:spring-web
Spring Framework vulnerable to a reflected file download (RFD)
3 days ago
Fix available
Severity - 6.5 (Medium)
GHSA-prwh-7838-xf82
Maven/org.xwiki.platform:xwiki-platform-oldcore
XWiki allows SQL injection in query endpoint of REST API with Oracle
3 days ago
Fix available
Severity - 9.3 (Critical)
GHSA-hq9p-pm7w-8p54
Maven/org.postgresql:postgresql
pgjdbc Client Allows Fallback to Insecure Authentication Despite channelBinding=require Configuration
5 days ago
Fix available
Severity - 8.2 (High)
GHSA-68cf-j696-wvv9
Maven/org.geoserver:gs-wfs
GeoServer vulnerable to SSRF in TestWfsPost for specific targets, e.g. PHP + Nginx
5 days ago
Fix available
Severity - 7.5 (High)
GHSA-2p76-gc46-5fvc
Maven/org.geonetwork-opensource:gn-web-app
Maven/org.geonetwork-opensource:gn-wfsfeature-harvester
GeoNetwork affected by XML External Entity (XXE) processing vulnerability in WFS indexing REST API endpoint
5 days ago
Fix available
Severity - 8.2 (High)
GHSA-jj54-8f66-c5pc
Maven/org.geoserver.web:gs-web-app
Maven/org.geoserver:gs-wfs
[XBOW-025-068] XML External Entity (XXE) Processing Vulnerability in GeoServer WFS Service
5 days ago
Fix available
Severity - 8.2 (High)
Load more...
Maven - OSV