Vulnerability Database
Blog
FAQ
Docs
Vulnerabilities
search
All ecosystems
255637
AlmaLinux
3295
Alpine
3588
Android
2135
Bitnami
4630
Chainguard
14782
CRAN
10
crates.io
1523
Debian
42353
GIT
23956
GitHub Actions
21
Go
3669
Hackage
19
Hex
32
Linux
13574
Maven
5145
npm
20983
NuGet
1377
openSUSE
9049
OSS-Fuzz
2616
Packagist
4201
Pub
10
PyPI
14686
Red Hat
14762
Rocky Linux
1442
RubyGems
1644
SUSE
15244
SwiftURL
33
Ubuntu
41927
Wolfi
8931
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-jp26-88mw-89qr
Maven/dev.sigstore:sigstore-java
sigstore-java has a vulnerability with bundle verification
2 days ago
Fix available
Severity - 2.1 (Low)
GHSA-6hqr-c69m-r76q
Maven/org.apache.hive:hive-exec
Apache Hive: Deserialization of untrusted data when fetching partitions from the Metastore
3 days ago
Fix available
Severity - 7.2 (High)
GHSA-mqvr-2rp8-j7h4
Maven/org.springframework.ldap:spring-ldap-core
Spring LDAP data exposure vulnerability
3 days ago
Fix available
Severity - 6.3 (Medium)
GHSA-rcq8-9q3j-98mw
Maven/org.apache.ozone:ozone
Apache Ozone: Improper authentication when generating S3 secrets
5 days ago
Fix available
Severity - 8.6 (High)
GHSA-mfj5-cf8g-g2fv
Maven/org.asynchttpclient:async-http-client
AsyncHttpClient (AHC) library's `CookieStore` replaces explicitly defined `Cookie`s
5 days ago
Fix available
Severity - 9.2 (Critical)
GHSA-q4h9-7rxj-7gx2
Maven/io.lettuce:lettuce-core
Netty vulnerability included in redis lettuce
5 days ago
Fix available
Severity - 6.8 (Medium)
GHSA-4cx5-89vm-833x
Maven/org.verapdf:core
Maven/org.verapdf:core-jakarta
Maven/org.verapdf:core-arlington
Maven/org.verapdf:verapdf.library
Maven/org.verapdf:verapdf-library-jakarta
Maven/org.verapdf:verapdf-library-arlington
veraPDF CLI has potential XXE (XML External Entity Injection) vulnerability
6 days ago
No fix available
Severity - 2.3 (Low)
GHSA-q3v6-hm2v-pw99
Maven/org.springframework:spring-beans
Maven/org.springframework:spring-context
Maven/org.springframework:spring-core
Maven/org.springframework:spring-expression
Maven/org.springframework:spring-jdbc
Spring Framework has Authorization Bypass for Case Sensitive Comparisons
6 days ago
Fix available
Severity - 6.3 (Medium)
GHSA-2gx6-qrpp-c4p3
Maven/io.antmedia:ant-media-server
Ant-Media-Server vulnerable to Improper Output Neutralization for Logs
29 Nov
Fix available
Severity - 8.7 (High)
GHSA-6q3q-6v5j-h6vg
Maven/io.github.openfeign.querydsl:querydsl-jpa
Maven/io.github.openfeign.querydsl:querydsl-apt
Maven/com.querydsl:querydsl-jpa
Maven/com.querydsl:querydsl-apt
Querydsl vulnerable to HQL injection trough orderBy
27 Nov
No fix available
Severity - 8.8 (High)
GHSA-4gwv-fpmg-cmv2
Maven/io.jenkins.plugins:simple-queue
Jenkins Simple Queue Plugin has stored cross-site scripting (XSS) vulnerability
27 Nov
Fix available
Severity - 8.6 (High)
GHSA-fwxq-3f52-5cmc
Maven/aendter.jenkins.plugins:filesystem-list-parameter-plugin
Jenkins Filesystem List Parameter Plugin has Path Traversal vulnerability
27 Nov
Fix available
Severity - 5.3 (Medium)
GHSA-q4xm-6fjc-5f6w
Maven/dev.sigstore:sigstore-java
sigstore-java has vulnerability with bundle verification
26 Nov
Fix available
Severity - 5.4 (Medium)
GHSA-v7gv-xpgf-6395
Maven/org.keycloak:keycloak-quarkus-server
Keycloak Build Process Exposes Sensitive Data
25 Nov
Fix available
Severity - 8.2 (High)
GHSA-5545-r4hg-rj4m
Maven/org.keycloak:keycloak-quarkus-server
Keycloak Path Traversal Vulnerability Due to External Control of File Name or Path
25 Nov
Fix available
Severity - 5.1 (Medium)
GHSA-wq8x-cg39-8mrr
Maven/org.keycloak:keycloak-services
org.keycloak:keycloak-services has Inefficient Regular Expression Complexity
25 Nov
Fix available
Severity - 7.1 (High)
Load more...
Maven - OSV