Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Vulnerability Affects Type Published
  • H
Deserialization of Untrusted Data
org.red5:red5-server [,1.0.8) Maven 19 Feb, 2018
  • H
Arbitrary Command Execution
org.mortbay.jetty:jetty [,0] Maven 19 Feb, 2018
  • M
Arbitrary Code Injection
org.mortbay.jetty:jetty [,6.1.6) Maven 19 Feb, 2018
  • H
Session Hijacking
org.mortbay.jetty:jetty [,6.1.6) Maven 19 Feb, 2018
  • M
Arbitrary File Read
org.mortbay.jetty:jetty [,6.1) Maven 19 Feb, 2018
  • M
Man-in-the-Middle (MitM)
org.apache.jmeter:apachejmeter [2.0,4.0) Maven 19 Feb, 2018
  • H
Information Exposure
org.apache.cloudstack:cloudstack [4.1,4.2) Maven 19 Feb, 2018
  • H
Deserialization of Untrusted Data
com.github.dozermapper:dozer-parent [0,] Maven 19 Feb, 2018
  • M
XML External Entity (XXE) Injection
org.jbpm:jbpm-designer-backend [5.0,7.5) Maven 19 Feb, 2018
  • H
Cross-site Request Forgery (CSRF)
io.hawt:project [1.5,1.5.4) Maven 18 Feb, 2018
  • H
Improper Authentication
io.hawt:hawtio-karaf-terminal [,1.2.3) Maven 18 Feb, 2018
  • H
Cross-site request forgery (CSRF)
io.hawt:hawtio-karaf-terminal [,1.2.3) Maven 18 Feb, 2018
  • H
Host Spoofing
org.apache.jmeter:apachejmeter [2.0,4.0) Maven 15 Feb, 2018
  • M
Cross-site Scripting (XSS)
org.jbpm:jbpm-console-ng-human-tasks-client [6.0.0,6.1.0) Maven 14 Feb, 2018
  • H
Denial of Service (DoS)
org.apache.qpid:apache-qpid-broker-j [,7.0.1) Maven 12 Feb, 2018
  • M
Open Redirect
org.apache.juddi:juddi-core [3.1,3.2) Maven 12 Feb, 2018
  • M
XML External Entity (XXE) Injection
org.apache.juddi:juddi-client [3.2,3.3.5) Maven 12 Feb, 2018
  • H
Authentication Bypass
org.apache.cloudstack:cloudstack [4.1,4.8.1.1),[4.9,4.9.0.1) Maven 12 Feb, 2018
  • M
Arbitrary Code Execution
rg.hibernate.validator:hibernate-validator [5.2,5.2.5 final), [5.3, 6.0.0) Maven 12 Feb, 2018
  • H
Directory Traversal
org.wildfly:wildfly-undertow [,12.0.0.Alpha1) Maven 12 Feb, 2018
  • M
Directory Traversal
io.undertow:undertow-core [0,] Maven 12 Feb, 2018
  • M
HTTP Request Smuggling
io.undertow:undertow-core [1.4.0, 1.4.17.Final), [1.3.0, 1.3.31.Final), [2.0.0-a,2.0.0.Alpha2) Maven 12 Feb, 2018
  • M
HTTP Request Smuggling
io.undertow:undertow-core [1.4.0, 1.4.17.Final), [1.3.0, 1.3.31.Final), [2.0.0-a,2.0.0.Alpha2) Maven 12 Feb, 2018
  • H
XML External Entity (XXE) Injection
com.caverock:androidsvg [,1.3.0) Maven 12 Feb, 2018
  • M
Cross-site Scripting (XSS)
org.cloudfoundry.identity:cloudfoundry-identity-model [,3.20.3) Maven 11 Feb, 2018
  • M
Cross-Site Scripting (XSS)
org.b3log:symphony [,2.3.0) Maven 11 Feb, 2018
  • L
Incorrectly Documented Search Algorithm
org.apache.tomcat:tomcat [,7.0.84),[,8.0.48),[,8.5.24),[,9.0.2) Maven 11 Feb, 2018
  • M
Denial of Service (DoS)
org.jboss.netty:netty [,3.9.1.Final] Maven 06 Feb, 2018
  • M
Cross-site Scripting (XSS)
org.apache.sling:org.apache.sling.xss [,2.0.4) Maven 06 Feb, 2018
  • M
Cross-site Scripting (XSS)
org.apache.sling:org.apache.sling.xss.compat [,2.0.4) Maven 06 Feb, 2018