Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,743
Erlang
35
GitHub Actions
29
Go
2,311
Maven
5,000+
npm
3,949
NuGet
711
pip
3,729
Pub
12
RubyGems
920
Rust
964
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

328 advisories

Loading
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity... High Unreviewed
CVE-2021-20353 was published May 24, 2022
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity... High Unreviewed
CVE-2020-4949 was published May 24, 2022
This vulnerability allows remote attackers to disclose sensitive information on affected... High Unreviewed
CVE-2020-27858 was published May 24, 2022
XML External Entity Injection vulnerability in Micro Focus Application Lifecycle Management ... High Unreviewed
CVE-2021-22498 was published May 24, 2022
The TIBCO EBX Add-on for Oracle Hyperion EPM, TIBCO EBX Data Exchange Add-on, and TIBCO EBX... High Unreviewed
CVE-2020-27148 was published May 24, 2022
A CWE-611 Improper Restriction of XML External Entity Reference vulnerability exists in... High Unreviewed
CVE-2020-7572 was published May 24, 2022
Improper Restriction of XML External Entity Reference in subsystem forIntel(R) Quartus(R) Prime... High Unreviewed
CVE-2020-24454 was published May 24, 2022
An XML external entity (XXE) vulnerability in Pulse Connect Secure (PCS) before 9.1R9 and Pulse... High Unreviewed
CVE-2020-15352 was published May 24, 2022
An issue was discovered in Hyland OnBase through 18.0.0.32 and 19.x through 19.8.9.1000. It... High Unreviewed
CVE-2020-25257 was published May 24, 2022
This vulnerability allows remote attackers to disclose sensitive information on affected... High Unreviewed
CVE-2020-15419 was published May 24, 2022
This vulnerability allows remote attackers to disclose sensitive information on affected... High Unreviewed
CVE-2020-15418 was published May 24, 2022
WSO2 Enterprise Integrator through 6.6.0 has an XXE vulnerability where a user (with admin... High Unreviewed
CVE-2020-11885 was published May 24, 2022
Oxygen XML Editor 21.1.1 allows XXE to read any file. High Unreviewed
CVE-2019-20191 was published May 24, 2022
An XML external entity (XXE) vulnerability iin Zoho ManageEngine Desktop Central before the 07... High Unreviewed
CVE-2020-8540 was published May 24, 2022
SAP NetWeaver Application Server Java (User Management Engine), versions- 7.10, 7.11, 7.20, 7.30,... High Unreviewed
CVE-2020-6202 was published May 24, 2022
An issue was discovered in SmartClient 12.0. Unauthenticated exploitation of blind XXE can occur... High Unreviewed
CVE-2020-9352 was published May 24, 2022
XMLBlueprint through 16.191112 is affected by XML External Entity Injection. The impact is:... High Unreviewed
CVE-2019-19032 was published May 24, 2022
Easy XML Editor through v1.7.8 is affected by: XML External Entity Injection. The impact is:... High Unreviewed
CVE-2019-19031 was published May 24, 2022
Xiuno BBS 4.0 allows XXE via plugin/xn_wechat_public/route/token.php. High Unreviewed
CVE-2019-19998 was published May 24, 2022
Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. XXE vulnerabilities exist that may allow... High Unreviewed
CVE-2019-18227 was published May 24, 2022
An issue was discovered in LabKey Server 19.1.0. Sending an SVG containing an XXE payload to the... High Unreviewed
CVE-2019-9757 was published May 24, 2022
An XML External Entity Injection vulnerability exists in Dzone AnswerHub. High Unreviewed
CVE-2017-15725 was published May 24, 2022
Adobe Experience Manager versions 6.4, 6.3 and 6.2 have a xml external entity injection... High Unreviewed
CVE-2019-8082 was published May 24, 2022
Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a xml external entity injection... High Unreviewed
CVE-2019-8086 was published May 24, 2022
Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a xml external entity injection... High Unreviewed
CVE-2019-8087 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database