GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
3,024 advisories
XWiki vulnerable to a reflected XSS via xredirect parameter in DeleteApplication
Moderate
CVE-2025-66472
was published
for
org.xwiki.platform:xwiki-platform-flamingo-skin-resources
(Maven)
Dec 10, 2025
Improper Memory Cleanup in the Okta Java SDK
Moderate
CVE-2025-66033
was published
for
com.okta.sdk:okta-sdk-root
(Maven)
Dec 10, 2025
Apache SkyWalking has a stored XSS vulnerability
Moderate
CVE-2025-54057
was published
for
org.apache.skywalking:apm-webapp
(Maven)
Nov 27, 2025
Apache Axis2 has Improper Input Validation
Moderate
CVE-2012-5785
was published
for
org.apache.axis2:axis2
(Maven)
May 17, 2022
Central Dogma's Login Function Has an Open Redirect Vulnerability
Moderate
CVE-2025-11222
was published
for
com.linecorp.centraldogma:centraldogma-server-auth-shiro
(Maven)
Dec 4, 2025
Keycloak vulnerable to session takeovers due to reuse of session identifiers
Moderate
CVE-2025-12390
was published
for
org.keycloak:keycloak-services
(Maven)
Oct 28, 2025
Eclipse JGit XML External Entity (XXE) Vulnerability
Moderate
CVE-2025-4949
was published
for
org.eclipse.jgit:org.eclipse.jgit
(Maven)
May 21, 2025
GeoServer has a Reflected Cross-Site Scripting (XSS) vulnerability in its WMS GetFeatureInfo HTML format
Moderate
CVE-2025-21621
was published
for
org.geoserver.web:gs-web-app
(Maven)
Nov 25, 2025
ProTip!
Advisories are also available from the
GraphQL API