GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed 5,000+; Composer 4,757; Erlang 35; GitHub Actions 29; Go 2,327; Maven 5,000+; npm 3,960; NuGet 712; pip 3,741; Pub 12; RubyGems 921; Rust 973; Swift 38
Unreviewed advisories: All unreviewed 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
328 advisories

LemonLDAP::NG before 1.9.20 has an XML External Entity (XXE) issue when submitting a notification...
High | Unreviewed | CVE-2019-13031 was published May 24, 2022

In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of...
High | Unreviewed | CVE-2018-20843 was published May 24, 2022

BlogEngine.NET 3.3.7 and earlier allows XXE via an apml file to syndication.axd.
High | Unreviewed | CVE-2019-11392 was published May 24, 2022

BlogEngine.NET 3.3.7.0 and earlier allows XML External Entity Blind Injection, related to...
High | Unreviewed | CVE-2019-10718 was published May 24, 2022

IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to a XML External Entity...
High | Unreviewed | CVE-2018-1845 was published May 24, 2022

Dell EMC OpenManage Server Administrator (OMSA) versions prior to 9.1.0.3 and prior to 9.2.0.4...
High | Unreviewed | CVE-2019-3722 was published May 24, 2022

IBM TRIRIGA Application Platform 3.5.3 and 3.6.0 is vulnerable to an XML External Entity...
High | Unreviewed | CVE-2019-4208 was published May 24, 2022

An XML external entity (XXE) vulnerability in PrinterOn version 4.1.4 and lower allows remote...
High | Unreviewed | CVE-2018-17169 was published May 24, 2022

An XML External Entity vulnerability in the UEM Core of BlackBerry UEM version(s) earlier than 12...
High | Unreviewed | CVE-2019-8999 was published May 24, 2022

A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter...
High | Unreviewed | CVE-2022-29801 was published May 21, 2022

Zend Framework, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote...
High | Unreviewed | CVE-2014-2052 was published May 17, 2022

XML external entity (XXE) vulnerability in Open-Xchange (OX) AppSuite before 7.4.2-rev11 and 7.6...
High | Unreviewed | CVE-2014-5238 was published May 17, 2022

jersey: XXE via parameter entities not disabled by the jersey SAX parser
High | Unreviewed | CVE-2014-3643 was published May 17, 2022

Cisco Prime Home 5.2.0 allows remote attackers to read arbitrary files via an XML document...
High | Unreviewed | CVE-2016-6408 was published May 17, 2022

IBM FileNet Workplace 4.0.2 before 4.0.2.14 LA012 allows remote authenticated users to read...
High | Unreviewed | CVE-2016-3055 was published May 17, 2022

IBM AppScan Source 8.7 through 9.0.3.3 allows remote authenticated users to read arbitrary files...
High | Unreviewed | CVE-2016-3033 was published May 17, 2022

perl-Image-Info: When parsing an SVG file, external entity expansion (XXE) was not disabled. An...
High | Unreviewed | CVE-2016-9181 was published May 17, 2022

XML External Entity (XXE) Vulnerability in /SSOPOST/metaAlias/%realm%/idpv2 in OpenAM - Access...
High | Unreviewed | CVE-2016-10097 was published May 17, 2022

IBM InfoSphere Information Server is vulnerable to a denial of service, caused by an XML External...
High | Unreviewed | CVE-2016-6059 was published May 17, 2022

IBM BigFix Inventory v9 is vulnerable to a denial of service, caused by an XML External Entity...
High | Unreviewed | CVE-2016-8980 was published May 17, 2022

IBM Rhapsody DM 4.0, 5.0 and 6.0 is vulnerable to a denial of service, caused by an XML External...
High | Unreviewed | CVE-2016-8974 was published May 17, 2022

IBM QRadar 7.2 is vulnerable to a denial of service, caused by an XML External Entity Injection ...
High | Unreviewed | CVE-2016-9724 was published May 17, 2022

XML external entity (XXE) vulnerability in eParakstitajs 3 before 1.3.9 and eParaksts Java lib...
High | Unreviewed | CVE-2017-6055 was published May 17, 2022

IBM Jazz Foundation is vulnerable to a denial of service, caused by an XML External Entity...
High | Unreviewed | CVE-2016-9707 was published May 17, 2022

IBM UrbanCode Deploy (UCD) 6.0, 6.1, and 6.2 is vulnerable to a denial of service, caused by an...
High | Unreviewed | CVE-2017-1149 was published May 17, 2022

ProTip! Advisories are also available from the GraphQL API.