GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
328 advisories
XXE in SmartDeviceServer in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to...
Severity: High | Unreviewed | CVE-2024-38653 was published Aug 14, 2024

The "soap_cgi.pyc" API handler allows the XML body of SOAP requests to contain references to...
Severity: High | Unreviewed | CVE-2024-6893 was published Aug 8, 2024

IBM Engineering Requirements Management DOORS Web Access 9.7.2.8 is vulnerable to an XML External...
Severity: High | Unreviewed | CVE-2023-50304 was published Jul 18, 2024

When the Kiuwan Local Analyzer uploads the scan results to the Kiuwan SAST web application ...
Severity: High | Unreviewed | CVE-2023-49110 was published Jun 20, 2024

IBM Engineering Requirements Management DOORS Next 7.0.2 and 7.0.3 is vulnerable to an XML...
Severity: High | Unreviewed | CVE-2023-45192 was published Jun 6, 2024

XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could...
Severity: High | Unreviewed | CVE-2024-3486 was published May 15, 2024

D-Link D-View addDv7Probe XML External Entity Processing Information Disclosure Vulnerability....
Severity: High | Unreviewed | CVE-2023-44412 was published May 3, 2024

LG Simple Editor saveXmlFile XML External Entity Processing Information Disclosure Vulnerability....
Severity: High | Unreviewed | CVE-2023-40503 was published May 3, 2024

LG Simple Editor copyContent XML External Entity Processing Information Disclosure Vulnerability....
Severity: High | Unreviewed | CVE-2023-40506 was published May 3, 2024

LG Simple Editor copyContent XML External Entity Processing Information Disclosure Vulnerability....
Severity: High | Unreviewed | CVE-2023-40507 was published May 3, 2024

The XML document processed in the GMS ECM URL endpoint is vulnerable to XML external entity (XXE)...
Severity: High | Unreviewed | CVE-2024-29010 was published May 1, 2024

IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3...
Severity: High | Unreviewed | CVE-2024-22354 was published Apr 17, 2024

IBM Maximo Application Suite 7.6.1.3 is vulnerable to an XML External Entity Injection (XXE)...
Severity: High | Unreviewed | CVE-2024-27266 was published Mar 14, 2024

Pega Platform from 6.x to 8.8.4 is affected by an XXE issue with PDF Generation.
Severity: High | Unreviewed | CVE-2023-50168 was published Mar 14, 2024

An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x,...
Severity: High | Unreviewed | CVE-2024-22024 was published Feb 13, 2024

SAP NetWeaver AS Java (CAF - Guided Procedures) - version 7.50, allows an unauthenticated...
Severity: High | Unreviewed | CVE-2024-24743 was published Feb 13, 2024

IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0...
Severity: High | Unreviewed | CVE-2023-32327 was published Feb 3, 2024

An XXE (XML External Entity) vulnerability has been detected in 52North WPS affecting versions...
Severity: High | Unreviewed | CVE-2023-6280 was published Dec 19, 2023

An XEE vulnerability has been found in Repox, which allows a remote attacker to interfere with...
Severity: High | Unreviewed | CVE-2023-6721 was published Dec 13, 2023

Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Restriction of XML...
Severity: High | Unreviewed | CVE-2023-22274 was published Nov 17, 2023

A vulnerability has been identified in Siemens OPC UA Modelling Editor (SiOME) (All versions < V2...
Severity: High | Unreviewed | CVE-2023-46590 was published Nov 14, 2023

Proself Enterprise/Standard Edition Ver5.62 and earlier, Proself Gateway Edition Ver1.65 and...
Severity: High | Unreviewed | CVE-2023-45727 was published Oct 18, 2023

An XXE (XML external entity injection) vulnerability exists in the CSEP component of Ivanti...
Severity: High | Unreviewed | CVE-2023-38343 was published Sep 21, 2023

Improper Restriction of XML External Entity Reference vulnerability in MIM Assistant and Client...
Severity: High | Unreviewed | CVE-2023-3892 was published Sep 19, 2023

Certain Lexmark devices (such as CS310) before 2023-08-25 allow XXE attacks, leading to...
Severity: High | Unreviewed | CVE-2023-40239 was published Sep 1, 2023
ProTip! Advisories are also available from the GraphQL API.