Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,002
Maven
5,000+
npm
3,713
NuGet
661
pip
3,384
Pub
11
RubyGems
885
Rust
850
Swift
36
Unreviewed advisories
All unreviewed
5,000+

461 advisories

Loading
In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of... High Unreviewed
CVE-2018-20843 was published May 24, 2022
LemonLDAP::NG before 1.9.20 has an XML External Entity (XXE) issue when submitting a notification... High Unreviewed
CVE-2019-13031 was published May 24, 2022
lib/DocumentToText.php in OpenCats before 0.9.4-3 has XXE that allows remote users to read files... High Unreviewed
CVE-2019-13358 was published May 24, 2022
Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Improper Restriction of... High Unreviewed
CVE-2019-7847 was published May 24, 2022
An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. With a valid administrator... High Unreviewed
CVE-2019-10264 was published May 24, 2022
An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. When sending an out-of... High Unreviewed
CVE-2019-10266 was published May 24, 2022
IBM i2 Intelligent Analyis Platform 9.0.0 through 9.1.1 is vulnerable to an XML External Entity... High Unreviewed
CVE-2019-4062 was published May 24, 2022
IBM Daeja ViewONE Professional, Standard & Virtual 5.0.5 and 5.0.6 is vulnerable to an XML... High Unreviewed
CVE-2019-4456 was published May 24, 2022
The Transition Technologies "The Scheduler" app 5.1.3 for Jira allows XXE due to a weakly... High Unreviewed
CVE-2018-14383 was published May 24, 2022
An issue was discovered in the 3CX Phone system (web) management console 12.5.44178.1002 through... High Unreviewed
CVE-2019-13176 was published May 24, 2022
Zoho ManageEngine AssetExplorer 6.2.0 is vulnerable to an XML External Entity Injection (XXE)... High Unreviewed
CVE-2019-14693 was published May 24, 2022
A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser... High Unreviewed
CVE-2019-1057 was published May 24, 2022
A denial of service vulnerability exists when the XmlLite runtime (XmlLite.dll) improperly parses... High Unreviewed
CVE-2019-1187 was published May 24, 2022
IBM Security Guardium Big Data Intelligence 4.0 (SonarG) is vulnerable to an XML External Entity... High Unreviewed
CVE-2019-4340 was published May 24, 2022
IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, and 19.0.0.2 is... High Unreviewed
CVE-2019-4424 was published May 24, 2022
IBM Intelligent Operations Center V5.1.0 through V5.2.0 is vulnerable to an XML External Entity... High Unreviewed
CVE-2019-4419 was published May 24, 2022
IBM InfoSphere Global Name Management 5.0 and 6.0 and IBM InfoSphere Identity Insight 8.1 and 9.0... High Unreviewed
CVE-2019-4433 was published May 24, 2022
The XML-RPC subsystem in Zenoss 2.5.3 allows XXE attacks that lead to unauthenticated information... High Unreviewed
CVE-2019-14258 was published May 24, 2022
Numerous Tableau products are vulnerable to XXE via a malicious workbook, extension, or data... High Unreviewed
CVE-2019-15637 was published May 24, 2022
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2 is vulnerable to an XML External... High Unreviewed
CVE-2019-4513 was published May 24, 2022
Citrix StoreFront Server before 1903, 7.15 LTSR before CU4 (3.12.4000), and 7.6 LTSR before CU8 ... High Unreviewed
CVE-2019-13608 was published May 24, 2022
An XML External Entity (XXE) processing vulnerability was reported in Lenovo XClarity... High Unreviewed
CVE-2019-6179 was published May 24, 2022
An XML injection vulnerability was found in Limesurvey before 3.17.14 that allows remote... High Unreviewed
CVE-2019-16174 was published May 24, 2022
HCL AppScan Source before 9.03.13 is susceptible to XML External Entity (XXE) attacks in multiple... High Unreviewed
CVE-2019-16188 was published May 24, 2022
A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser... High Unreviewed
CVE-2019-1060 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database