Vulnerability Database
Blog
FAQ
Docs
arrow_forward
search
light_mode
dark_mode
Vulnerabilities
search
All ecosystems
771760
AlmaLinux
5255
Alpaquita
11478
Alpine
4352
Android
3403
Azure Linux
12016
BellSoft Hardened Containers
572
Bitnami
8321
Chainguard
9259
CleanStart
1780
CRAN
14
crates.io
2561
Debian
59730
Echo
6664
GHC
3
GIT
93402
GitHub Actions
54
Go
8149
Hackage
32
Hex
183
Julia
990
Linux
25415
Mageia
6011
Maven
6694
MinimOS
88564
npm
222438
NuGet
1770
opam
19
openEuler
7186
openSUSE
13477
OSS-Fuzz
3958
Packagist
6669
Pub
11
PyPI
23771
Red Hat
21212
Rocky Linux
3628
Root
17392
RubyGems
4559
SUSE
21334
SwiftURL
58
TuxCare
5651
Ubuntu
57227
VSCode
20
Wolfi
6478
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-h4pc-58cc-hc95
Maven/com.ctrip.framework.apollo:apollo
Apollo ConfigService access key authentication bypass via raw config file appId parsing
2 hours ago
No fix available
Severity - 7.5 (High)
GHSA-4w3q-qpfq-v992
Maven/com.ctrip.framework.apollo:apollo
Apollo ConfigService access key authentication bypass via appId parsing and non-canonical matching
2 hours ago
No fix available
Severity - 7.5 (High)
GHSA-jxpj-9j24-w337
Maven/com.ctrip.framework.apollo:apollo
Apollo Portal: There is a risk of unauthorized access to the Apollo configuration center
4 hours ago
No fix available
Severity - 6.5 (Medium)
GHSA-7cmj-v6x8-frvv
Maven/ca.uhn.hapi.fhir:org.hl7.fhir.dstu2
Maven/ca.uhn.hapi.fhir:org.hl7.fhir.dstu2016may
Maven/ca.uhn.hapi.fhir:org.hl7.fhir.dstu3
Maven/ca.uhn.hapi.fhir:org.hl7.fhir.r4
Maven/ca.uhn.hapi.fhir:org.hl7.fhir.r4b
... 3 more
org.hl7.fhir.core: ReDoS via FHIRPath matches()/replaceMatches() in FHIR Validator HTTP Endpoint
4 days ago
Fix available
Severity - 7.5 (High)
GHSA-q6gh-6v2r-hjv3
Maven/io.micronaut:micronaut-http-client
Micronaut: DefaultHttpClient follows redirects, forwarding Authorization, Cookie, and Proxy-Authorization headers
4 days ago
Fix available
Severity - 6.8 (Medium)
GHSA-387m-935m-c4vw
Maven/io.micronaut:micronaut-http-client
Micronaut doesn't set a maximum redirect count for its HTTP Client, enabling infinite loop DoS
4 days ago
Fix available
Severity - 7.5 (High)
GHSA-6h3c-r723-7fx3
Maven/nl.nl-portal:taak
NL Portal: IDOR allows any authenticated user to complete and tamper with another user's taak
5 days ago
Fix available
Severity - 8.1 (High)
GHSA-qpm9-h556-mwxm
Maven/nl.nl-portal:besluiten
Maven/nl.nl-portal:documenten-api
NL Portal: Missing per-user authorization on document and decision GraphQL queries in nl-portal-backend-libraries
5 days ago
Fix available
Severity - 6.5 (Medium)
GHSA-9qm4-rh6w-pq5x
Maven/org.dspace:dspace-api
DSpace: Path Traversal is possible through LDN message generation
5 days ago
Fix available
Severity - 5.5 (Medium)
GHSA-c827-pw3m-67w7
Maven/org.dspace:dspace-api
DSpace: ORE resource URI does not validate scheme for non-web resources
5 days ago
Fix available
Severity - 4.4 (Medium)
GHSA-v66x-68f2-pxf5
Maven/org.dspace:dspace-api
DSpace has a possible Path Traversal Vulnerability in its Curation Task Reporter output path
5 days ago
Fix available
Severity - 5.5 (Medium)
GHSA-9x82-rm84-c6x7
Maven/org.dspace:dspace-api
DSpace has possible Remote Code Execution (RCE) through Velocity Templates used by LDN
5 days ago
Fix available
Severity - 8.0 (High)
GHSA-qj4x-9g63-25g6
Maven/org.xwiki.platform:xwiki-platform-oldcore
XWiki Platform Old Core: Resource path traversal via /skin/ action endpoint in Jetty 12+
6 days ago
Fix available
Severity - 8.2 (High)
GHSA-cgfv-jrfp-2r7v
Maven/io.openremote:openremote-manager
OpenRemote has Authenticated SQL Injection via Datapoint Crosstab Export
6 days ago
Fix available
Severity - 7.2 (High)
GHSA-7v6w-c3f4-9wpq
Maven/io.openremote:openremote-agent
OpenRemote has an incomplete fix for CVE-2026-40882: XXE in KNXProtocol.startAssetImport() allows arbitrary file read via unprotected XMLInputFactory
06 Jul
Fix available
Severity - 7.6 (High)
GHSA-xqr9-4wvv-gvch
Maven/io.openremote:openremote-manager
OpenRemote has Cross-Realm User Information Disclosure in UserResourceImpl
06 Jul
Fix available
Severity - 7.7 (High)
Load more...
Maven - OSV