GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,028 advisories
Filter by severity
Zendframework Local file disclosure via XXE injection in Zend_XmlRpc
High
GHSA-229x-22xc-2f2w
was published
for
zendframework/zendframework1
(Composer)
Jun 7, 2024
ebookmeta XML External Entity vulnerability
High
CVE-2024-36827
was published
for
ebookmeta
(pip)
Jun 7, 2024
ebookmeta XML External Entity vulnerability
High
CVE-2024-37388
was published
for
ebookmeta
(pip)
Jun 7, 2024
ZendFramework potential XML eXternal Entity injection vectors
Critical
GHSA-mhpx-3rv8-wrjm
was published
for
zendframework/zendframework1
(Composer)
Jun 7, 2024
ZendFramework potential XML eXternal Entity injection vectors
High
GHSA-4j9x-g4x8-vcmf
was published
for
zendframework/zendframework1
(Composer)
Jun 7, 2024
ZendFramework vulnerable to XXE/XEE attacks
Critical
GHSA-f4fj-q6m4-cc52
was published
for
zendframework/zend-xmlrpc
(Composer)
Jun 7, 2024
Zendframework vulnerable to XXE/XEE attacks
Critical
GHSA-qc7w-4567-84wv
was published
for
zendframework/zendframework
(Composer)
Jun 7, 2024
IBM Engineering Requirements Management DOORS Next 7.0.2 and 7.0.3 is vulnerable to an XML...
High
Unreviewed
CVE-2023-45192
was published
Jun 6, 2024
Symfony XML decoding attack vector through external entities
Critical
GHSA-j68w-pg49-f6vx
was published
for
symfony/serializer
(Composer)
May 30, 2024
Symfony XXE security vulnerability
High
GHSA-rjpm-qmq7-q85w
was published
for
symfony/routing
(Composer)
May 30, 2024
Symfony XML Entity Expansion security vulnerability
High
GHSA-c636-cg5r-2498
was published
for
symfony/dependency-injection
(Composer)
May 29, 2024
XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could...
High
Unreviewed
CVE-2024-3486
was published
May 15, 2024
An information disclosure vulnerability exists in Progress Telerik Report Server, version 2024 Q1...
Moderate
Unreviewed
CVE-2024-4357
was published
May 15, 2024
Microsoft SharePoint Server Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2024-30043
was published
May 14, 2024
@cyclonedx/cyclonedx-library Improper Restriction of XML External Entity Reference vulnerability
High
CVE-2024-34345
was published
for
@cyclonedx/cyclonedx-library
(npm)
May 8, 2024
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure...
Moderate
Unreviewed
CVE-2023-51600
was published
May 3, 2024
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure...
Moderate
Unreviewed
CVE-2023-51602
was published
May 3, 2024
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure...
Moderate
Unreviewed
CVE-2023-51604
was published
May 3, 2024
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure...
Moderate
Unreviewed
CVE-2023-51601
was published
May 3, 2024
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure...
Moderate
Unreviewed
CVE-2023-51605
was published
May 3, 2024
Voltronic Power ViewPower Pro doDocument XML External Entity Processing Information Disclosure...
Moderate
Unreviewed
CVE-2023-51591
was published
May 3, 2024
D-Link D-View addDv7Probe XML External Entity Processing Information Disclosure Vulnerability....
High
Unreviewed
CVE-2023-44412
was published
May 3, 2024
Visualware MyConnection Server doIForward XML External Entity Processing Information Disclosure...
Moderate
Unreviewed
CVE-2023-42035
was published
May 3, 2024
LG Simple Editor copyContent XML External Entity Processing Information Disclosure Vulnerability....
High
Unreviewed
CVE-2023-40506
was published
May 3, 2024
LG Simple Editor saveXmlFile XML External Entity Processing Information Disclosure Vulnerability....
High
Unreviewed
CVE-2023-40503
was published
May 3, 2024
ProTip!
Advisories are also available from the
GraphQL API