Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

136 advisories

Loading
Apache Tomcat Allows Remote Attackers to Spoof AJP Requests High
CVE-2011-3190 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Improper Authentication in Apache WSS4J High
CVE-2014-3612 was published for org.apache.activemq:activemq-broker (Maven) May 14, 2022
sunSUNQ
Improper Authentication in Apache Tomcat Moderate
CVE-2013-2067 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
Improper Authentication in Jenkins Moderate
CVE-2018-1999045 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
Apache OpenMeetings may allow authenticated attacker to deny service for privileged users Moderate
CVE-2018-1286 was published for org.apache.openmeetings:openmeetings-parent (Maven) May 13, 2022
Improper Authentication In Apache NiFi High
CVE-2017-5635 was published for org.apache.nifi:nifi (Maven) May 13, 2022
Improper Authentication in Jenkins Blue Ocean Plugin High
CVE-2017-1000106 was published for io.jenkins.blueocean:blueocean (Maven) May 13, 2022
Improper Authentication in Jenkins Blue Ocean Plugin Moderate
CVE-2017-1000110 was published for io.jenkins.blueocean:blueocean (Maven) May 13, 2022
Improper Authentication in Jenkins Moderate
CVE-2017-2604 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
Infinispan Rest API Does Not Enforce Auth Constraints Moderate
CVE-2017-2638 was published for org.infinispan:infinispan-server-core (Maven) May 13, 2022
Missing permission checks in Jenkins Distributed Fork Plugin High
CVE-2017-2652 was published for org.jenkins-ci.plugins:distfork (Maven) May 13, 2022
Improper Authentication in Apache Kafka Moderate
CVE-2017-12610 was published for org.apache.kafka:kafka-clients (Maven) May 13, 2022
Keycloak Oauth Implementation Error High
CVE-2017-12160 was published for org.keycloak:keycloak-parent (Maven) May 13, 2022
Improper Authentication in Pivotal Spring-LDAP High
CVE-2017-8028 was published for org.springframework.ldap:spring-ldap-core (Maven) May 13, 2022
guidobonomi
Improper Authentication in Apache CXF Moderate
CVE-2012-2378 was published for org.apache.cxf:cxf (Maven) May 13, 2022
Improper Authentication in Apache CXF Critical
CVE-2012-0803 was published for org.apache.cxf:cxf (Maven) May 13, 2022
Improper Authentication in Apache CXF Moderate
CVE-2012-5633 was published for org.apache.cxf:cxf (Maven) May 13, 2022
sunSUNQ
Improper Authentication in Apache WSS4J Moderate
CVE-2014-3623 was published for org.apache.ws.security:wss4j (Maven) May 13, 2022
coheigea
Improper Authentication in Spring Security High
CVE-2014-0097 was published for org.springframework.security:spring-security-core (Maven) May 13, 2022
Improper Authentication in Apache Axis2 Moderate
CVE-2012-5351 was published for org.apache.axis2:axis2 (Maven) May 13, 2022
Improper Authentication in Apache CXF Moderate
CVE-2013-0239 was published for org.apache.cxf:cxf-rt-frontend-jaxrs (Maven) May 5, 2022
sunSUNQ
Improper Authentication in Apache Tomcat Moderate
CVE-2009-2901 was published for org.apache.tomcat:tomcat (Maven) May 2, 2022
MarkLee131 sunSUNQ
Ignite Realtime Openfire Allows Users to Change Passwords of Arbitrary Accounts Moderate
CVE-2009-1595 was published for org.igniterealtime.openfire:parent (Maven) May 2, 2022
Improper Authentication in Mortbay Jetty High
CVE-2007-5614 was published for org.mortbay.jetty:jetty (Maven) May 1, 2022
Keycloak is vulnerable to IDN homograph attack Moderate
CVE-2021-3424 was published for org.keycloak:keycloak-services (Maven) Apr 28, 2022
ProTip! Advisories are also available from the GraphQL API