Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,721
Erlang
35
GitHub Actions
29
Go
2,306
Maven
5,000+
npm
3,946
NuGet
711
pip
3,723
Pub
12
RubyGems
920
Rust
964
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

328 advisories

Loading
XML External Entity vulnerability in Micro Focus Verastream Host Integrator, affecting version 7... High Unreviewed
CVE-2021-22523 was published May 24, 2022
Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2 and 19.1 and Dell EMC Integrated Data... High Unreviewed
CVE-2019-3752 was published May 24, 2022
Improper Restriction of XML External Entity Reference vulnerability in Mitsubishi Electric Air... High Unreviewed
CVE-2021-20595 was published May 24, 2022
An XML External Entity (XXE) issue exists in Kaseya VSA before 9.5.6. High Unreviewed
CVE-2021-30201 was published May 24, 2022
IBM Cognos Analytics 11.0 and 11.1 is vulnerable to an XML External Entity Injection (XXE) attack... High Unreviewed
CVE-2019-4730 was published May 24, 2022
IBM Cognos Analytics 11.0 and 11.1 is vulnerable to an XML External Entity Injection (XXE) attack... High Unreviewed
CVE-2020-4300 was published May 24, 2022
IBM WebSphere Application Server 8.0, 8.5, 9.0, and Liberty Java Batch is vulnerable to an XML... High Unreviewed
CVE-2021-20492 was published May 24, 2022
Elastic App Search versions after 7.11.0 and before 7.12.0 contain an XML External Entity... High Unreviewed
CVE-2021-22140 was published May 24, 2022
In IntelliJ IDEA before 2020.3.3, XXE was possible, leading to information disclosure. High Unreviewed
CVE-2021-30006 was published May 24, 2022
A vulnerability in the web-based management interface of Cisco BroadWorks Messaging Server... High Unreviewed
CVE-2021-1530 was published May 24, 2022
IBM QRadar SIEM 7.3 and 7.4 may vulnerable to a XML External Entity Injection (XXE) attack when... High Unreviewed
CVE-2020-5013 was published May 24, 2022
A remote XML external entity (XXE) vulnerability was discovered in Aruba ClearPass Policy Manager... High Unreviewed
CVE-2021-29140 was published May 24, 2022
A remote XML external entity vulnerability was discovered in Aruba AirWave Management Platform... High Unreviewed
CVE-2021-25165 was published May 24, 2022
A remote XML external entity vulnerability was discovered in Aruba AirWave Management Platform... High Unreviewed
CVE-2021-25163 was published May 24, 2022
An XML External Entities (XXE) vulnerability in Media Server component of Avaya Equinox... High Unreviewed
CVE-2020-7037 was published May 24, 2022
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a XML External Entity... High Unreviewed
CVE-2021-20454 was published May 24, 2022
IBM WebSphere Application Server 8.0, 8.5, and 9.0 is vulnerable to a XML External Entity... High Unreviewed
CVE-2021-20453 was published May 24, 2022
Forcepoint Web Security Content Gateway versions prior to 8.5.4 improperly process XML input,... High Unreviewed
CVE-2020-6590 was published May 24, 2022
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) is vulnerable to XML... High Unreviewed
CVE-2021-22158 was published May 24, 2022
IBM Cloud Pak for Automation 20.0.2 and 20.0.3 IF002 are vulnerable to an XML External Entity... High Unreviewed
CVE-2021-20482 was published May 24, 2022
IBM Jazz Foundation Products are vulnerable to an XML External Entity Injection (XXE) attack when... High Unreviewed
CVE-2021-20502 was published May 24, 2022
/exec in TranzWare e-Commerce Payment Gateway (TWEC PG) before 3.1.27.5 had a vulnerability in... High Unreviewed
CVE-2021-28110 was published May 24, 2022
SRS Policy Manager 6.X is affected by an XML External Entity Injection (XXE) vulnerability due to... High Unreviewed
CVE-2021-21517 was published May 24, 2022
Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to XML External... High Unreviewed
CVE-2019-18943 was published May 24, 2022
Pelco Digital Sentry Server 7.18.72.11464 has an XML External Entity vulnerability (exploitable... High Unreviewed
CVE-2021-27184 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database