GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,057
Maven
5,000+
npm
3,742
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+
349 advisories
Filter by severity
Missing XML Validation in Apache Tomcat
Moderate
CVE-2014-0119
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Improper Neutralization of CRLF Sequences in HTTP Headers in Apache Tomcat
Moderate
CVE-2014-0099
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Improper Input Validation in Apache Tomcat
Moderate
CVE-2014-0096
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Denial of service in Apache Tomcat
Moderate
CVE-2014-0095
was published
for
org.apache.tomcat.embed:tomcat-embed-core
(Maven)
May 17, 2022
Integer Overflow or Wraparound in Apache Tomcat
Moderate
CVE-2014-0075
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
Moderate
CVE-2013-4590
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Apache Tomcat Denial of Service vulnerability
Moderate
CVE-2013-4322
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Apache Tomcat does not enforce the maxHttpHeaderSize limit
High
CVE-2011-0534
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Apache Tomcat is vulnerable to HTTP request-smuggling
Moderate
CVE-2013-4286
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Improper Authentication in Apache Tomcat
Moderate
CVE-2011-5063
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Improper Authentication in Apache Tomcat
Moderate
CVE-2011-5062
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Apache Tomcat Allows Remote Attackers to Spoof AJP Requests
High
CVE-2011-3190
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Improper Input Validation in Apache Tomcat
Moderate
CVE-2011-2526
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Apache Tomcat Allows Replacing of XML Parser
Moderate
CVE-2011-2481
was published
for
org.apache.tomcat:tomcat
(Maven)
May 17, 2022
Insertion of Sensitive Information into Log File in Apache Tomcat
Moderate
CVE-2011-2204
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Access restriction bypass in Apache Tomcat
Moderate
CVE-2011-1582
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Authentication Bypass in Apache Tomcat
Moderate
CVE-2011-1184
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Access controll bypass in Apache Tomcat
Moderate
CVE-2011-1183
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Improper Neutralization of Input During Web Page Generation in Apache Tomcat
Moderate
CVE-2011-0013
was published
for
org.apache.tomcat:tomcat
(Maven)
May 3, 2022
Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat
Low
CVE-2010-3718
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Directory Traversal in Apache Tomcat
Moderate
CVE-2008-5515
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Cross-site scripting in Apache ActiveMQ
Low
CVE-2010-0684
was published
for
org.apache.activemq:activemq-parent
(Maven)
May 2, 2022
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Apache Tomcat
Moderate
CVE-2009-2902
was published
for
org.apache.tomcat:tomcat
(Maven)
May 2, 2022
Improper Authentication in Apache Tomcat
Moderate
CVE-2009-2901
was published
for
org.apache.tomcat:tomcat
(Maven)
May 2, 2022
Apache Tomcat Directory Traversal vulnerability
Moderate
CVE-2009-2693
was published
for
org.apache.tomcat:tomcat
(Maven)
May 2, 2022
ProTip!
Advisories are also available from the
GraphQL API