GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
461 advisories
Filter by severity
The wechat_return function in /controller/Index.php of EyouCms V1.5.4-UTF8-SP3 passes the user's...
High
Unreviewed
CVE-2021-42194
was published
Mar 22, 2022
GE Gas Power ToolBoxST Version v04.07.05C suffers from an XML external entity (XXE) vulnerability...
High
Unreviewed
CVE-2021-44477
was published
Mar 26, 2022
enkins Coverage/Complexity Scatter Plot Plugin XML External Entity Reference vulnerability
High
CVE-2022-28154
was published
for
org.jenkins-ci.plugins:covcomplplot
(Maven)
Mar 30, 2022
XXE vulnerability in Jenkins Flaky Test Handler Plugin
High
CVE-2022-28140
was published
for
org.jenkins-ci.plugins:flaky-test-handler
(Maven)
Mar 30, 2022
XML External Entity Reference vulnerability in Jenkins Pipeline: Phoenix AutoTest Plugin
High
CVE-2022-28155
was published
for
com.surenpi.jenkins:phoenix-autotest
(Maven)
Mar 30, 2022
The "Register an Ehcache Configuration File" admin feature in MashZone NextGen through 10.7 GA...
High
Unreviewed
CVE-2021-33208
was published
Apr 1, 2022
Inline DTD allows XML bomb attack
High
CVE-2019-15160
was published
for
sweet_xml
(Erlang)
Apr 12, 2022
XML External Entity Reference in detekt
High
CVE-2022-0272
was published
for
io.gitlab.arturbosch.detekt:detekt-core
(Maven)
Apr 22, 2022
The /webtools/control/xmlrpc endpoint in OFBiz XML-RPC event handler is exposed to External...
High
Unreviewed
CVE-2011-3600
was published
Apr 22, 2022
It was discovered that the XML::Atom Perl module before version 0.39 did not disable external...
High
Unreviewed
CVE-2012-1102
was published
Apr 23, 2022
Multiple components in Apache NiFi do not restrict XML External Entity references
High
CVE-2022-29265
was published
for
org.apache.nifi:nifi
(Maven)
May 1, 2022
The XSL stylesheet implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2...
High
Unreviewed
CVE-2009-1699
was published
May 2, 2022
A Improper Restriction of XML External Entity Reference vulnerability in SUSE Open Build Service...
High
Unreviewed
CVE-2022-21949
was published
May 4, 2022
Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an...
High
Unreviewed
CVE-2022-20780
was published
May 5, 2022
XML External Entity (XXE) injection vulnerabilities occur when poorly configured XML parsers...
High
Unreviewed
CVE-2021-27777
was published
May 13, 2022
An exploitable XML entity injection vulnerability exists in OpenFire User Import Export Plugin 2...
High
Unreviewed
CVE-2017-2815
was published
May 13, 2022
An exploitable XML external entity vulnerability exists in the reporting functionality of SAP BPC...
High
Unreviewed
CVE-2017-16349
was published
May 13, 2022
Improper Restriction of XML External Entity Reference in Spring Framework
High
CVE-2014-0225
was published
for
org.springframework:spring-webmvc
(Maven)
May 13, 2022
A XML external entity (XXE) vulnerability exists in the import.cgi of the web interface component...
High
Unreviewed
CVE-2018-7230
was published
May 13, 2022
Schneider Electric SoMachine Basic prior to v1.6 SP1 suffers from an XML External Entity (XXE)...
High
Unreviewed
CVE-2018-7783
was published
May 13, 2022
Improper Restriction of XML External Entity Reference in python-docx
High
CVE-2016-5851
was published
for
python-docx
(pip)
May 13, 2022
An XXE issue was discovered in Automated Logic Corporation (ALC) WebCTRL Versions 6.0, 6.1 and 6...
High
Unreviewed
CVE-2018-8819
was published
May 13, 2022
An XXE issue was discovered in Automated Logic Corporation (ALC) Liebert SiteScan Web Version 6.5...
High
Unreviewed
CVE-2016-5795
was published
May 13, 2022
Improper Restriction of XML External Entity Reference in Apache FOP
High
CVE-2017-5661
was published
for
org.apache.xmlgraphics:fop
(Maven)
May 13, 2022
XML External Entity vulnerability in libexpat 2.2.0 and earlier (Expat XML Parser Library) allows...
High
Unreviewed
CVE-2017-9233
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API