GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 27,475
Composer 5,369
Erlang 44
GitHub Actions 45
Go 3,248
Maven 6,316
npm 5,215
NuGet 867
pip 4,513
Pub 12
RubyGems 997
Rust 1,189
Swift 51

Unreviewed advisories

All unreviewed 293,990

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

85 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Improper neutralization of special elements in the /IDC_Logging/checkifdone.cgi script in... Moderate Unreviewed

CVE-2026-28770 was published Mar 4, 2026

XML Injection (aka Blind XPath Injection) vulnerability in Drupal Central Authentication System ... Moderate Unreviewed

CVE-2026-1554 was published Feb 4, 2026

Wondershare FamiSafe 1.0 contains an unquoted service path vulnerability in the FSService that... High Unreviewed

CVE-2022-50902 was published Jan 14, 2026

An XPath Injection vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated... High Unreviewed

CVE-2025-1545 was published Dec 5, 2025

A vulnerability has been found in OpenClinica Community Edition up to 3.12.2/3.13. Affected by... Moderate Unreviewed

CVE-2025-12921 was published Nov 10, 2025

Zohocorp ManageEngine EndPoint Central versions 11.4.2516.1 and prior are vulnerable to XML... Moderate Unreviewed

CVE-2025-7473 was published Oct 21, 2025

An XML External Entity (XXE) vulnerability in the /mall/wxpay/pay component of uzy-ssm-mall v1.1... Moderate Unreviewed

CVE-2025-60833 was published Oct 8, 2025

Adobe Experience Manager versions 6.5.23.0 and earlier are affected by an XML Injection... Moderate Unreviewed

CVE-2025-54251 was published Sep 9, 2025

XML Injection RCE by parse http sitemap xml response vulnerability in Apache HertzBeat. ... High Unreviewed

CVE-2025-24404 was published Sep 9, 2025

XML Injection vulnerability in xmltodict allows Input Data Manipulation.This issue affects... Moderate Unreviewed

CVE-2025-9375 was published Sep 5, 2025

An XML external entities (XXE) injection vulnerability in the /init API endpoint in Exagid EX10 7... Moderate Unreviewed

CVE-2025-47184 was published Aug 21, 2025

ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by an XML Injection... High Unreviewed

CVE-2025-49538 was published Jul 8, 2025

An XML external entity (XXE) injection vulnerability in the component /weixin/aes/XMLParse.java... Moderate Unreviewed

CVE-2025-25589 was published Mar 18, 2025

IBM ICP - Voice Gateway 1.0.2, 1.0.2.4, 1.0.3, 1.0.4, 1.0.5, 1.0.6. 1.0.7, 1.0.7.1, and 1.0.8... High Unreviewed

CVE-2024-47113 was published Jan 18, 2025

An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow... High Unreviewed

CVE-2024-53675 was published Nov 27, 2024

An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow... High Unreviewed

CVE-2024-53674 was published Nov 27, 2024

An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow... High Unreviewed

CVE-2024-11622 was published Nov 27, 2024

An XML External Entity (XXE) vulnerability in Dmoz2CSV in openimaj v1.3.10 allows attackers to... Critical Unreviewed

CVE-2024-51136 was published Nov 4, 2024

In attributeBytesBase64 and attributeBytesHex of BinaryXmlSerializer.java, there is a possible... High Unreviewed

CVE-2024-34740 was published Aug 16, 2024

BEx Web Java Runtime Export Web Service does not sufficiently validate an XML document accepted... High Unreviewed

CVE-2024-42374 was published Aug 13, 2024

XPath Injection vulnerabilities in the blog and RSS functions of Modern Campus - Omni CMS 2023.1... Moderate Unreviewed

CVE-2023-35858 was published Jun 13, 2024

An issue was discovered in Logpoint before 7.4.0. A path injection vulnerability is seen while... Moderate Unreviewed

CVE-2024-33858 was published May 7, 2024

Unified Automation UaGateway AddServer XML Injection Denial-of-Service Vulnerability. This... Moderate Unreviewed

CVE-2023-32173 was published May 3, 2024

Parallels Desktop Toolgate XML Injection Local Privilege Escalation Vulnerability. This... High Unreviewed

CVE-2023-27328 was published May 3, 2024

A vulnerability, which was classified as problematic, was found in Netentsec NS-ASG Application... Moderate Unreviewed

CVE-2024-2648 was published Mar 20, 2024

Previous1…4 Next

Previous 1 2 3 4 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

85 advisories