Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Vulnerability Affects Type Published
  • H
Arbitrary File Write via Archive Extraction (Zip Slip)
org.sonarsource.sonarqube:sonar-plugin-api [,6.7.4) Maven 07 Dec, 2018
  • M
Replay attack
org.keycloak:keycloak-services [,4.6.0) Maven 03 Dec, 2018
  • M
Man-in-the-Middle (MitM)
org.apache.qpid:proton-j [,0.30.0) Maven 19 Nov, 2018
  • M
Open Redirect
org.keycloak:keycloak-services [,4.5.0) Maven 19 Nov, 2018
  • M
Denial of Service (DoS)
io.spray:spray-json_2.10 [,1.3.5) Maven 13 Nov, 2018
  • M
Denial of Service (DoS)
io.spray:spray-json [,1.3.5) Maven 13 Nov, 2018
  • M
Denial of Service (DoS)
io.spray:spray-http [,0] Maven 13 Nov, 2018
  • H
Access Restriction Bypass
org.apache.hive:hive-exec [,2.3.4), [3.1.0, 3.1.1) Maven 12 Nov, 2018
  • H
Authentication Bypass
org.apache.hive:hive-exec [,2.3.4), [3.0.0, 3.1.1) Maven 12 Nov, 2018
  • M
Denial of Service (DoS)
io.spray:spray-json_2.10 [,1.3.5) Maven 12 Nov, 2018
  • M
Denial of Service (DoS)
io.spray:spray-json [,1.3.5) Maven 12 Nov, 2018
  • M
Denial of Service (DoS)
io.spray:spray-http [,0] Maven 12 Nov, 2018
  • M
Denial of Service (DoS)
io.spray:spray-json_2.10 [,1.3.5) Maven 09 Nov, 2018
  • M
Denial of Service (DoS)
io.spray:spray-json [,1.3.5) Maven 09 Nov, 2018
  • M
Cross-site Scripting (XSS)
org.apache.syncope:syncope-core [,2.0.11),[2.1.0, 2.1.2) Maven 08 Nov, 2018
  • H
XML External Entity (XXE) Injection
org.apache.syncope.client:syncope-client-console [,2.0.11),[2.1.0, 2.1.2) Maven 08 Nov, 2018
  • H
Remote Code Execution
ro.pippo:pippo-session [0,] Maven 06 Nov, 2018
  • H
Arbitrary File Write via Archive Extraction (Zip Slip)
org.nd4j:nd4j-common [,1.0.0-beta3) Maven 31 Oct, 2018
  • L
Information Exposure
org.apache.spark:spark-core_2.11 [1.3.0, 2.4.0-rc4) Maven 26 Oct, 2018
  • L
Information Exposure
org.apache.spark:spark-core_2.10 [1.3.0, 2.4.0-rc4) Maven 26 Oct, 2018
  • L
Information Exposure
org.apache.spark:spark-core [1.3.0, 2.4.0-rc4) Maven 26 Oct, 2018
  • H
XML External Entity (XXE) Injection
io.vertx:vertx-web-api-contract [,3.5.4) Maven 21 Oct, 2018
  • H
Cross-site Request Forgery (CSRF)
io.vertx:vertx-web [,3.5.3) Maven 21 Oct, 2018
  • M
Directory Traversal
io.vertx:vertx-web [,3.5.4) Maven 21 Oct, 2018
  • M
Denial of Service (DoS)
io.vertx:vertx-core [,3.5.4) Maven 21 Oct, 2018
  • M
Authentication Bypass
org.neo4j:neo4j-security-enterprise [,3.4.9) Maven 21 Oct, 2018
  • L
Denial of Service (DoS)
org.springframework:spring-web [4.2.0, 4.3.20),[5.0.0, 5.0.10),[5.1.0, 5.1.1) Maven 18 Oct, 2018
  • H
Privilege Escalation
org.springframework.security.oauth:spring-security-oauth2 [2.3.0, 2.3.4),[2.2.0, 2.2.3),[2.1.0, 2.1.3),[2.0.0, 2.0.16) Maven 17 Oct, 2018
  • H
Deserilization of Untrusted Data
org.restlet:org.restlet [2.1,2.1.4),[2.2.0-m1,2.2.0-m5) Maven 15 Oct, 2018
  • H
Deserilization of Untrusted Data
org.restlet:org.restlet [2.1,2.1.4),[2.2.0-m1,2.2.0-m5) Maven 15 Oct, 2018