GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
818 advisories
PMD Designer's release key passphrase (GPG) available on Maven Central in cleartext
Critical
CVE-2025-23215
was published
for
net.sourceforge.pmd:pmd-core
(Maven)
Jan 31, 2025
General OpenMRS Security Advisory, January 2025: Penetration Testing Results and Patches
Critical
GHSA-vpxm-cr3r-pjp9
was published
for
org.openmrs.module:addresshierarchy
(Maven)
Jan 30, 2025
Apache MINA Deserialization RCE Vulnerability
Critical
CVE-2024-52046
was published
for
org.apache.mina:mina-core
(Maven)
Dec 25, 2024
http4k has a potential XXE (XML External Entity Injection) vulnerability
Critical
CVE-2024-55875
was published
for
org.http4k:http4k-format-xml
(Maven)
Dec 12, 2024
Apache Struts file upload logic is flawed
Critical
CVE-2024-53677
was published
for
org.apache.struts:struts2-core
(Maven)
Dec 11, 2024
AsyncHttpClient (AHC) library's `CookieStore` replaces explicitly defined `Cookie`s
Critical
CVE-2024-53990
was published
for
org.asynchttpclient:async-http-client
(Maven)
Dec 2, 2024
JSONPath Plus Remote Code Execution (RCE) Vulnerability
Critical
CVE-2024-21534
was published
for
jsonpath-plus
(Maven)
Oct 11, 2024
Apache Avro Java SDK: Arbitrary Code Execution when reading Avro Data (Java SDK)
Critical
CVE-2024-47561
was published
for
org.apache.avro:avro
(Maven)
Oct 3, 2024
ProTip!
Advisories are also available from the
GraphQL API