GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 29,428
Composer 5,654
Erlang 49
GitHub Actions 50
Go 3,606
Maven 6,433
npm 5,910
NuGet 924
pip 4,831
Pub 13
RubyGems 1,045
Rust 1,256
Swift 53

Unreviewed advisories

All unreviewed 299,395

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

356 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have... High Unreviewed

CVE-2018-4942 was published May 13, 2022

IBM Security Access Manager Appliance 9.0.3 is vulnerable to a XML External Entity Injection (XXE... High Unreviewed

CVE-2017-1477 was published May 13, 2022

Dell EMC Data Protection Advisor, versions 6.2, 6,3, 6.4, 6.5 and Dell EMC Integrated Data... High Unreviewed

CVE-2018-11048 was published May 13, 2022

ModSecurity before 2.7.3 allows remote attackers to read arbitrary files, send HTTP requests to... High Unreviewed

CVE-2013-1915 was published May 13, 2022

An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15... High Unreviewed

CVE-2018-13823 was published May 13, 2022

SAML 2.0 functionality in SAP NetWeaver AS Java, does not sufficiently validate XML documents... High Unreviewed

CVE-2018-2492 was published May 13, 2022

The Visual Composer VC70RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote... High Unreviewed

CVE-2017-8913 was published May 13, 2022

xmlsec 1.2.23 and before is vulnerable to XML External Entity Expansion when parsing crafted... High Unreviewed

CVE-2017-1000061 was published May 13, 2022

XML External Entity vulnerability in libexpat 2.2.0 and earlier (Expat XML Parser Library) allows... High Unreviewed

CVE-2017-9233 was published May 13, 2022

An XXE issue was discovered in Automated Logic Corporation (ALC) Liebert SiteScan Web Version 6.5... High Unreviewed

CVE-2016-5795 was published May 13, 2022

An XXE issue was discovered in Automated Logic Corporation (ALC) WebCTRL Versions 6.0, 6.1 and 6... High Unreviewed

CVE-2018-8819 was published May 13, 2022

Schneider Electric SoMachine Basic prior to v1.6 SP1 suffers from an XML External Entity (XXE)... High Unreviewed

CVE-2018-7783 was published May 13, 2022

A XML external entity (XXE) vulnerability exists in the import.cgi of the web interface component... High Unreviewed

CVE-2018-7230 was published May 13, 2022

An exploitable XML external entity vulnerability exists in the reporting functionality of SAP BPC... High Unreviewed

CVE-2017-16349 was published May 13, 2022

An exploitable XML entity injection vulnerability exists in OpenFire User Import Export Plugin 2... High Unreviewed

CVE-2017-2815 was published May 13, 2022

XML External Entity (XXE) injection vulnerabilities occur when poorly configured XML parsers... High Unreviewed

CVE-2021-27777 was published May 13, 2022

Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an... High Unreviewed

CVE-2022-20780 was published May 5, 2022

A Improper Restriction of XML External Entity Reference vulnerability in SUSE Open Build Service... High Unreviewed

CVE-2022-21949 was published May 4, 2022

The XSL stylesheet implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2... High Unreviewed

CVE-2009-1699 was published May 2, 2022

It was discovered that the XML::Atom Perl module before version 0.39 did not disable external... High Unreviewed

CVE-2012-1102 was published Apr 23, 2022

The /webtools/control/xmlrpc endpoint in OFBiz XML-RPC event handler is exposed to External... High Unreviewed

CVE-2011-3600 was published Apr 22, 2022

The "Register an Ehcache Configuration File" admin feature in MashZone NextGen through 10.7 GA... High Unreviewed

CVE-2021-33208 was published Apr 1, 2022

GE Gas Power ToolBoxST Version v04.07.05C suffers from an XML external entity (XXE) vulnerability... High Unreviewed

CVE-2021-44477 was published Mar 26, 2022

The wechat_return function in /controller/Index.php of EyouCms V1.5.4-UTF8-SP3 passes the user's... High Unreviewed

CVE-2021-42194 was published Mar 22, 2022

A local, authenticated attacker could use an XML External Entity (XXE) attack to exploit weakly... High Unreviewed

CVE-2020-14478 was published Feb 25, 2022

Previous 1…1415 Next

Previous 1 2 … 11 12 13 14 15 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

356 advisories