GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
112 advisories
QOS.CH logback-core is vulnerable to Arbitrary Code Execution through file processing
Moderate
CVE-2025-11226
was published
for
ch.qos.logback:logback-core
(Maven)
Oct 1, 2025
Spoofing attack in swagger-ui
Moderate
CVE-2018-25031
was published
for
org.webjars:swagger-ui
(Maven)
Mar 12, 2022
Apache Tomcat Improper Input Validation vulnerability
Moderate
CVE-2023-45648
was published
for
org.apache.tomcat.embed:tomcat-embed-core
(Maven)
Oct 10, 2023
Improper Input Validation in Jakarta Expression Language
Moderate
CVE-2021-28170
was published
for
com.sun.el:el-ri
(Maven)
Oct 6, 2021
Improper Input Validation and Injection in Apache Log4j2
Moderate
CVE-2021-44832
was published
for
org.apache.logging.log4j:log4j-core
(Maven)
Jan 4, 2022
Improper Input Validation in Apache Tomcat
Moderate
CVE-2014-0096
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API