GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
5,108 advisories
Deserialization of Untrusted Data vulnerability in Apache Lucene Replicator.
Moderate
CVE-2024-45772
was published
for
org.apache.lucene:lucene-replicator
(Maven)
Sep 30, 2024
Apache Hadoop: Temporary File Local Information Disclosure
Low
CVE-2024-23454
was published
for
org.apache.hadoop:hadoop-common
(Maven)
Sep 25, 2024
Apache Linkis Spark EngineConn: Commons Lang's RandomStringUtils Random string security vulnerability
High
CVE-2024-39928
was published
for
org.apache.linkis:linkis-engineplugin-spark
(Maven)
Sep 25, 2024
DataEase has an XML External Entity Reference vulnerability
High
CVE-2024-46985
was published
for
io.dataease:common
(Maven)
Sep 23, 2024
DataEase's H2 datasource has a remote command execution risk
Critical
CVE-2024-46997
was published
for
io.dataease:common
(Maven)
Sep 23, 2024
SOFA Hessian Remote Command Execution (RCE) Vulnerability
High
CVE-2024-46983
was published
for
com.alipay.sofa:hessian
(Maven)
Sep 19, 2024
org.xwiki.platform:xwiki-platform-notifications-ui is missing checks for notification filter preferences editions
Moderate
CVE-2024-46978
was published
for
org.xwiki.platform:xwiki-platform-notifications-ui
(Maven)
Sep 18, 2024
Path traversal vulnerability in functional web frameworks
High
CVE-2024-38816
was published
for
org.springframework:spring-webmvc
(Maven)
Sep 13, 2024
ProTip!
Advisories are also available from the
GraphQL API