GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
10 advisories
Elasticsearch Uncaught Exception leading to crash
Moderate
CVE-2024-23449
was published
for
org.elasticsearch:elasticsearch
(Maven)
Mar 29, 2024
Xuxueli xxl-job template injection vulnerability
Low
CVE-2024-3366
was published
for
com.xuxueli:xxl-job-core
(Maven)
Apr 6, 2024
Improper Preservation of Permissions in xxl-job
High
CVE-2024-42681
was published
for
com.xuxueli:xxl-job-core
(Maven)
Aug 15, 2024
Apache Pinot Vulnerable to Authentication Bypass
Critical
CVE-2024-56325
was published
for
org.apache.pinot:pinot-broker
(Maven)
Apr 1, 2025
Elasticsearch Potential Node Crash due to Large Recursion in `innerForbidCircularReferences` Function
Moderate
CVE-2024-52980
was published
for
org.elasticsearch:elasticsearch
(Maven)
Apr 8, 2025
Elasticsearch Vulnerable to Stack Overflow due to a Large Recursion
Moderate
CVE-2024-52981
was published
for
org.elasticsearch:elasticsearch
(Maven)
Apr 8, 2025
io.jmix.localfs:jmix-localfs has a Path Traversal in Local File Storage
Moderate
CVE-2025-32950
was published
for
io.jmix.localfs:jmix-localfs
(Maven)
Apr 22, 2025
io.jmix.rest:jmix-rest allows XSS in the /files Endpoint of the Generic REST API
Moderate
CVE-2025-32951
was published
for
io.jmix.rest:jmix-rest
(Maven)
Apr 22, 2025
io.jmix.localfs:jmix-localfs affected by DoS in the Local File Storage
Moderate
CVE-2025-32952
was published
for
io.jmix.localfs:jmix-localfs
(Maven)
Apr 22, 2025
Apache IoTDB JDBC Driver Discloses Sensitive Information via Log Files
Moderate
CVE-2025-26795
was published
for
org.apache.iotdb:iotdb-jdbc
(Maven)
May 14, 2025
ProTip!
Advisories are also available from the
GraphQL API