Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Vulnerability Affects Type Published
  • H
XML External Entity (XXE) Injection
io.vertx:vertx-web-api-contract [,3.5.4) Maven 21 Oct, 2018
  • M
Cross-site Request Forgery (CSRF)
io.vertx:vertx-web [,3.5.3) Maven 21 Oct, 2018
  • M
Directory Traversal
io.vertx:vertx-web [,3.5.4) Maven 21 Oct, 2018
  • M
Buffer Overflow
io.vertx:vertx-core [,3.5.4) Maven 21 Oct, 2018
  • M
Authentication Bypass
org.neo4j:neo4j-security-enterprise [,3.4.9) Maven 21 Oct, 2018
  • L
Denial of Service (DoS)
org.springframework:spring-web [4.2.0, 4.3.20),[5.0.0, 5.0.10),[5.1.0, 5.1.1) Maven 18 Oct, 2018
  • H
Privilege Escalation
org.springframework.security.oauth:spring-security-oauth2 [2.3.0, 2.3.4),[2.2.0, 2.2.3),[2.1.0, 2.1.3),[2.0.0, 2.0.16) Maven 17 Oct, 2018
  • H
Deserilization of Untrusted Data
org.restlet:org.restlet [2.1,2.1.4),[2.2.0-m1,2.2.0-m5) Maven 15 Oct, 2018
  • H
Deserilization of Untrusted Data
org.restlet:org.restlet [2.1,2.1.4),[2.2.0-m1,2.2.0-m5) Maven 15 Oct, 2018
  • M
Arbitrary File Upload
com.mossle:lemon [0,] Maven 15 Oct, 2018
  • H
Deserialization of Untrusted Data
com.fasterxml.jackson.core:jackson-databind [,2.9.7) Maven 11 Oct, 2018
  • H
Deserialization of Untrusted Data
com.fasterxml.jackson.core:jackson-databind [,2.9.7) Maven 11 Oct, 2018
  • H
Deserialization of Untrusted Data
com.fasterxml.jackson.core:jackson-databind [,2.9.7) Maven 11 Oct, 2018
  • H
Deserialization of Untrusted Data
com.fasterxml.jackson.core:jackson-databind [,2.9.7) Maven 11 Oct, 2018
  • H
Deserialization of Untrusted Data
com.fasterxml.jackson.core:jackson-databind [,2.7.9.4),[2.8.0,2.8.11.2),[2.9.0,2.9.6) Maven 11 Oct, 2018
  • H
Deserialization of Untrusted Data
com.fasterxml.jackson.core:jackson-databind [,2.7.9.4),[2.8.0, 2.8.11.2),[2.9.0, 2.9.6) Maven 11 Oct, 2018
  • H
Deserialization of Untrusted Data
com.fasterxml.jackson.core:jackson-databind [,2.7.9.4),[2.8.0,2.8.11.2),[2.9.0,2.9.6) Maven 11 Oct, 2018
  • M
XML External Entity (XXE) Injection
org.apache.tika:tika-core [0.1,1.19.1) Maven 10 Oct, 2018
  • M
Information Exposure
org.keycloak:keycloak-saml-core [,2.5.1) Maven 10 Oct, 2018
  • H
SQL Injection
org.marker:mrcms [,3.1.2] Maven 09 Oct, 2018
  • M
Open Redirect
org.apache.tomcat:catalina [7.0.23, 7.0.91), [8.5.0, 8.5.34), [9.0.0, 9.0.12) Maven 09 Oct, 2018
  • M
Stack-based Buffer Overflow
org.apache.ranger:ranger [,1.2.0) Maven 09 Oct, 2018
  • M
Denial of Service (DoS)
org.apache.pdfbox:pdfbox [1.8.0, 1.8.15), [2.0.0, 2.0.12) Maven 09 Oct, 2018
  • M
Directory Traversal
cc.blynk:integration-tests [,0.39.7) Maven 03 Oct, 2018
  • H
XML External Entity (XXE) Injection
net.bull.javamelody:javamelody-core [,1.74.0) Maven 02 Oct, 2018
  • H
Arbitrary Command Execution
org.nmap4j:org.nmap4j [0,] Maven 26 Sep, 2018
  • M
XML External Entity (XXE) Injection
org.apache.tika:tika-parsers [1.0,1.19) Maven 26 Sep, 2018
  • H
Arbitrary File Write via Archive Extraction (Zip Slip)
cn.hutool:hutool-core [,4.1.12) Maven 26 Sep, 2018
  • M
Access Restriction Bypass
org.apache.karaf.webconsole:org.apache.karaf.webconsole.features [,3.0.9),[4.0.0,4.0.9),[4.1.0, 4.1.1) Maven 20 Sep, 2018
  • M
Arbitrary File Read
org.apache.karaf.shell:org.apache.karaf.shell.core [,4.2.0) Maven 20 Sep, 2018