Vulnerability Database
Blog
FAQ
Docs
Vulnerability Library
search
All ecosystems
112045
AlmaLinux
2822
Alpine
3427
Android
890
Bitnami
3949
CRAN
10
crates.io
1353
Debian
9889
GIT
27848
GitHub Actions
16
Go
2185
Hackage
18
Hex
30
Linux
13573
Maven
4893
npm
14445
NuGet
587
OSS-Fuzz
3314
Packagist
3588
Pub
8
PyPI
12039
Rocky Linux
1192
RubyGems
790
SwiftURL
31
Ubuntu
5148
ID
Packages
Summary
Affected versions
Published
Fix
GHSA-76v2-48w6-crxr
Maven/org.bonitasoft.engine:bonita-server
Bonitasoft Runtime Community edition's contains an insecure direct object references vulnerability
6.1.0
6.1.1
6.1.2
6.2.0
6.2.1
6.2.2
6.2.3
...
2024-05-15T18:30:35Z
Fix available
GHSA-x3wm-hffr-chwm
Maven/com.amazon.redshift:redshift-jdbc42
Amazon JDBC Driver for Redshift SQL Injection via line comment generation
2.0.0.3
2.0.0.4
2.0.0.5
2.0.0.6
2.0.0.7
2.1.0.1
2.1.0.10
...
2024-05-15T17:10:49Z
Fix available
GHSA-g95v-3pj6-j433
Maven/io.antmedia:ant-media-server
Ant Media Server does not properly authorize non-administrative API calls
1.2.0
1.2.2
1.2.3
1.2.4
1.2.5
1.2.6
1.3.0
...
2024-05-14T18:30:52Z
No fix available
GHSA-338x-hfx8-vx9x
Maven/org.apache.karaf:cave
Apache Karaf Cave: Cave SSRF and arbitrary file access
2.3.0
3.0.0
4.0.0
4.1.0
4.1.1
4.1.2
2024-05-14T18:30:50Z
No fix available
GHSA-8xfc-gm6g-vgpv
Maven/org.bouncycastle:bcprov-jdk18on
Maven/org.bouncycastle:bcprov-jdk15on
Maven/org.bouncycastle:bcprov-jdk15to18
Maven/org.bouncycastle:bcprov-jdk14
Maven/org.bouncycastle:bctls-jdk18on
Maven/org.bouncycastle:bctls-jdk14
Maven/org.bouncycastle:bctls-jdk15to18
Maven/org.bouncycastle:bcpkix-jdk18on
Maven/org.bouncycastle:bcpkix-jdk15to18
Maven/org.bouncycastle:bcpkix-jdk14
Maven/org.bouncycastle:bc-fips
NuGet/BouncyCastle
NuGet/BouncyCastle.Cryptography
Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation.
1.71
1.71.1
1.72
1.73
1.74
1.75
1.76
...
2024-05-14T15:32:54Z
Fix available
GHSA-m44j-cfrm-g8qc
Maven/org.bouncycastle:bcprov-jdk18on
Maven/org.bouncycastle:bcprov-jdk15on
Maven/org.bouncycastle:bcprov-jdk15to18
Maven/org.bouncycastle:bcprov-jdk14
Maven/org.bouncycastle:bctls-jdk18on
Maven/org.bouncycastle:bctls-jdk14
Maven/org.bouncycastle:bctls-jdk15to18
Maven/org.bouncycastle:bcpkix-jdk18on
Maven/org.bouncycastle:bcpkix-jdk15to18
Maven/org.bouncycastle:bcpkix-jdk14
NuGet/BouncyCastle
NuGet/BouncyCastle.Cryptography
Bouncy Castle crafted signature and public key can be used to trigger an infinite loop
1.71
1.71.1
1.72
1.73
1.74
1.75
1.76
...
2024-05-14T15:32:54Z
Fix available
GHSA-v435-xc8x-wvr9
Maven/org.bouncycastle:bctls-fips
Maven/org.bouncycastle:bcprov-jdk18on
Maven/org.bouncycastle:bcprov-jdk15on
Maven/org.bouncycastle:bcprov-jdk15to18
Maven/org.bouncycastle:bcprov-jdk14
Maven/org.bouncycastle:bctls-jdk18on
Maven/org.bouncycastle:bctls-jdk14
Maven/org.bouncycastle:bctls-jdk15to18
NuGet/BouncyCastle
NuGet/BouncyCastle.Cryptography
Maven/org.bouncycastle:bcpkix-jdk18on
Maven/org.bouncycastle:bcpkix-jdk15to18
Maven/org.bouncycastle:bcpkix-jdk14
Bouncy Castle affected by timing side-channel for RSA key exchange ("The Marvin Attack")
1.0.0
1.0.1
1.0.10
1.0.10.1
1.0.10.2
1.0.10.3
1.0.11
...
2024-05-14T15:32:54Z
Fix available
GHSA-wpcv-5jgp-69f3
Maven/com.netflix.genie:genie-web
Genie Path Traversal vulnerability via File Uploads
0.20
0.21
0.22
0.23
0.24
1.0.0
1.0.1
...
2024-05-09T21:35:23Z
Fix available
GHSA-fgh3-pwmp-3qw3
Maven/org.apache.inlong:manager-pojo
Apache Inlong Deserialization of Untrusted Data vulnerability
1.10.0
1.11.0
1.7.0
1.8.0
1.9.0
2024-05-08T15:30:42Z
Fix available
GHSA-p343-9qwp-pqxv
Maven/org.neo4j:neo4j-cypher
Neo4j Cypher component mishandles IMMUTABLE privileges
1.4
1.4.1
1.4.2
1.4.M04
1.4.M05
1.4.M06
1.5
...
2024-05-07T18:30:34Z
Fix available
GHSA-64cm-3cj3-67hf
Maven/net.mingsoft:ms-basic
MS Basic Cross-site Scripting vulnerability
1.0.0
1.0.1
1.0.10
1.0.11
1.0.12
1.0.13
1.0.14
...
2024-05-07T18:30:33Z
No fix available
GHSA-2x52-8f29-7cjr
Maven/org.eclipse.edc:connector-core
Eclipse Dataspace Components vulnerable to OAuth2 client secret disclosure
0.2.1
0.3.0
0.3.1
0.4.0
0.4.1
0.5.0
0.5.1
...
2024-05-07T15:30:36Z
Fix available
GHSA-4h8f-2wvx-gg5w
Maven/org.bouncycastle:bcprov-jdk18on
Maven/org.bouncycastle:bcprov-jdk15to18
Maven/org.bouncycastle:bcprov-jdk14
Maven/org.bouncycastle:bcprov-jdk13
Maven/org.bouncycastle:bcprov-jdk12
Bouncy Castle Java Cryptography API vulnerable to DNS poisoning
1.71
1.71.1
1.72
1.73
1.74
1.75
1.76
...
2024-05-03T18:30:37Z
Fix available
GHSA-vpw3-3prf-3974
Maven/org.apache.hive:hive-jdbc
Apache Hive Code Injection vulnerability
4.0.0-alpha-1
4.0.0-alpha-2
4.0.0-beta-1
2024-05-03T09:30:52Z
Fix available
GHSA-2g4q-9vm9-9fw4
Maven/org.jenkins-ci.plugins:script-security
Jenkins Script Security Plugin sandbox bypass vulnerability
1.0
1.0-beta-1
1.0-beta-2
1.0-beta-3
1.0-beta-4
1.0-beta-5
1.0-beta-6
...
2024-05-02T15:30:35Z
Fix available
GHSA-94pr-w968-h923
Maven/org.jenkins-ci.plugins:telegrambot
Jenkins Telegram Bot Plugin stores the Telegram Bot token in plaintext
See details.
2024-05-02T15:30:35Z
No fix available
Load more...
Maven - OSV