GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
719 advisories
Improper escaping in Apache Zeppelin
Critical
CVE-2024-31866
was published
for
org.apache.zeppelin:zeppelin-interpreter
(Maven)
Apr 9, 2024
Apache Zeppelin remote code execution by adding malicious JDBC connection string
Critical
CVE-2024-31864
was published
for
org.apache.zeppelin:zeppelin-jdbc
(Maven)
Apr 9, 2024
Apache InLong: Logged-in user could exploit an arbitrary file read vulnerability
Critical
CVE-2024-26580
was published
for
org.apache.inlong:manager-common
(Maven)
Mar 6, 2024
Apache James server: Privilege escalation via JMX pre-authentication deserialization
Critical
CVE-2023-51518
was published
for
org.apache.james:james-server
(Maven)
Feb 27, 2024
SAML authentication bypass due to missing validation on unsigned SAML messages
Critical
GHSA-hx5q-v6pj-533r
was published
for
com.linecorp.centraldogma:centraldogma-server-auth-saml
(Maven)
Feb 26, 2024
Armeria SAML authentication bypass due to missing validation on unsigned SAML messages
Critical
CVE-2024-1735
was published
for
com.linecorp.armeria:armeria-saml
(Maven)
Feb 26, 2024
org.postgresql:postgresql vulnerable to SQL Injection via line comment generation
Critical
CVE-2024-1597
was published
for
org.postgresql:postgresql
(Maven)
Feb 21, 2024
ProTip!
Advisories are also available from the
GraphQL API