Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

10 advisories

Loading
Authentication Bypass High
CVE-2021-29441 was published for com.alibaba.nacos:nacos-common (Maven) Apr 27, 2021
HTTP Method Spoofing High
CVE-2021-43807 was published for org.opencastproject:opencast-common (Maven) Dec 14, 2021
lkiesow Credited to lkiesow
Authentication Bypass in Apache Cassandra High
CVE-2020-17516 was published for org.apache.cassandra:cassandra-all (Maven) Feb 9, 2022
SMTP smuggling in Apache James High
CVE-2023-51747 was published for org.apache.james:james-server (Maven) Feb 27, 2024
oscerd Credited to oscerd
Apache HugeGraph-Server: Bypass whitelist in Auth mode High
CVE-2024-27349 was published for org.apache.hugegraph:hugegraph-api (Maven) Apr 22, 2024
Jenkins Script Security Plugin sandbox bypass vulnerability High
CVE-2024-34145 was published for org.jenkins-ci.plugins:script-security (Maven) May 2, 2024
Apache SeaTunnel Web Authentication vulnerability High
CVE-2023-48396 was published for org.apache.seatunnel:seatunnel-web (Maven) Jul 30, 2024
Signature forgery in Spring Boot's Loader High
CVE-2024-38807 was published for org.springframework.boot:spring-boot-loader (Maven) Aug 23, 2024
Apache ZooKeeper: Authentication bypass with IP-based authentication in Admin Server High
CVE-2024-51504 was published for org.apache.zookeeper:zookeeper (Maven) Nov 7, 2024
ferdlestier Credited to ferdlestier
Keycloak: Session fixation in OIDC login flow that can lead to account takeover High
CVE-2026-7507 was published for org.keycloak:keycloak-services (Maven) May 19, 2026
ProTip! Advisories are also available from the GraphQL API