Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-c5w7-m8wf-xc77
  • Maven/org.apache.nifi:nifi-web-api
 Apache NiFi: Missing Authorization of Restricted Permissions for Component Updates yesterday
  • Fix available
  • Severity - 8.7 (High)
GHSA-qhp6-6p8p-2rqh
  • Maven/org.wildfly.core:wildfly-elytron-integration
 Wildfly Elytron integration susceptible to brute force attacks via CLI 5 days ago
  • Fix available
  • Severity - 8.1 (High)
GHSA-rp46-r563-jrc7
  • Maven/org.apache.avro:avro
 Apache Avro Java SDK is Vulnerable to Code Injection 5 days ago
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-74rh-c5rh-88vg
  • Maven/org.xwiki.platform:xwiki-platform-web
 XWiki vulnerable to click-jacking through CSS injection in comments 6 days ago
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-pqqf-7hxm-rj5r
  • Maven/org.open-metadata:openmetadata-sdk
 Leaky JWTs in OpenMetadata exposing highly-privileged bot users 11 Feb
  • Fix available
  • Severity - 7.6 (High)
GHSA-c4qc-4q9p-m9q9
  • Maven/org.apache.shiro:shiro-core
 Apache Shiro Affected by an Observable Timing Discrepancy Vulnerability 10 Feb
  • Fix available
  • Severity - 1.0 (Low)
GHSA-gv3v-2cpp-3pmq
  • Maven/org.keycloak:keycloak-quarkus-server
 Keycloak logs sensitive headers 10 Feb
  • Fix available
  • Severity - 5.0 (Medium)
GHSA-q672-hfc7-g833
  • Maven/org.apache.druid.extensions:druid-basic-security
 Apache Druid Vulnerable to Authentication Bypass 10 Feb
  • Fix available
  • Severity - 9.3 (Critical)
GHSA-37gf-gmxv-74wv
  • Maven/org.keycloak:keycloak-services
 Keycloak fails to verify if an Identity Provider (IdP) is enabled before issuing tokens 09 Feb
  • Fix available
  • Severity - 8.8 (High)
GHSA-fm6w-rrp3-2x4w
  • Maven/org.keycloak:keycloak-services
 Keycloak Affected by Broken Access Control Vulnerability in the UserManagedPermissionService 09 Feb
  • Fix available
  • Severity - 5.4 (Medium)
GHSA-hcvw-475w-8g7p
  • Maven/org.keycloak:keycloak-services
 Keycloak affected by improper invitation token validation 09 Feb
  • Fix available
  • Severity - 8.1 (High)
GHSA-c244-p6m5-vqj6
  • Maven/org.apache.shiro:shiro-spring
 Apache Shiro has an Authentication Bypass 09 Feb
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-xr72-g735-4vwp
  • Maven/org.neo4j:neo4j
 Neo4j Enterprise and Community editions have insufficient escaping of unicode characters in query log 06 Feb
  • Fix available
  • Severity - 1.1 (Low)
GHSA-4j3g-rwwq-4p54
  • Maven/org.neo4j:neo4j
 Neo4j Enterprise and Community vulnerable to a potential information disclosure 04 Feb
  • Fix available
  • Severity - 4.8 (Medium)
GHSA-73f3-rqqf-2j54
  • Maven/org.apache.syncope.client.idrepo:syncope-client-idrepo-console
 Apache Syncope: Console XXE on Keymaster parameters 03 Feb
  • Fix available
  • Severity - 4.9 (Medium)
GHSA-v84m-gfw5-hm2w
  • Maven/org.apache.syncope.client.idrepo:syncope-client-idrepo-common-ui
 Apache Syncope: Reflected XSS on Enduser Login 03 Feb
  • Fix available
  • Severity - 6.8 (Medium)
Load more...