GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
311 advisories
An XXE issue was discovered in Nokia NetAct before 22 FP2211 via an XML document to a Performance...
Moderate | Unreviewed | CVE-2023-26058 was published Apr 25, 2023

All versions of Talend Data Catalog before 8.0-20220907 are potentially vulnerable to XML...
Moderate | Unreviewed | CVE-2023-26264 was published Apr 13, 2023

All versions of Talend Data Catalog before 8.0-20230110 are potentially vulnerable to XML...
Moderate | Unreviewed | CVE-2023-26263 was published Apr 13, 2023

A vulnerability has been identified in Polarion ALM (All versions < V2304.0). The application...
Moderate | Unreviewed | CVE-2023-28828 was published Apr 11, 2023

National land numerical information data conversion tool all versions improperly restricts XML...
Moderate | Unreviewed | CVE-2023-25955 was published Apr 11, 2023

Zoho ManageEngine Applications Manager through 16320 allows the admin user to conduct an XXE attack.
Moderate | Unreviewed | CVE-2023-28340 was published Apr 11, 2023

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)...
Moderate | Unreviewed | CVE-2023-20030 was published Apr 5, 2023

Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including...
Moderate | Unreviewed | CVE-2022-43941 was published Apr 3, 2023

A blind XML External Entity (XXE) vulnerability exists in the Add UCS Device functionality of...
Moderate | Unreviewed | CVE-2022-43473 was published Mar 30, 2023

Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user...
Moderate | Unreviewed | CVE-2022-41696 was published Mar 22, 2023

Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user...
Moderate | Unreviewed | CVE-2022-45468 was published Mar 22, 2023

Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user...
Moderate | Unreviewed | CVE-2022-46286 was published Mar 22, 2023

Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user...
Moderate | Unreviewed | CVE-2022-46300 was published Mar 22, 2023

Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user...
Moderate | Unreviewed | CVE-2022-45121 was published Mar 22, 2023

Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user...
Moderate | Unreviewed | CVE-2022-43512 was published Mar 22, 2023

SAP NetWeaver allows (SAP Enterprise Portal) - version 7.50, allows an authenticated attacker...
Moderate | Unreviewed | CVE-2023-26461 was published Mar 14, 2023

On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A...
Moderate | Unreviewed | CVE-2023-20052 was published Mar 1, 2023

XML External Entity (XXE) vulnerability in apoc.import.graphml
Moderate | GHSA-9vx8-f5c4-862x was published for org.neo4j.procedure:apoc (Maven) Feb 24, 2023

php-saml-sp before 1.1.1 and 2.x before 2.1.1 allows reading arbitrary files as the webserver...
Moderate | Unreviewed | CVE-2023-26267 was published Feb 21, 2023

XML External Entity (XXE) vulnerability in apoc.import.graphml
Moderate | CVE-2023-23926 was published for org.neo4j.procedure:apoc-core (Maven) Feb 16, 2023

Improper restriction of XML external entity reference (XXE) vulnerability exists in OMRON CX...
Moderate | Unreviewed | CVE-2023-22322 was published Jan 30, 2023

OpenStack Swift XML external entities (XXE) Injection
Moderate | CVE-2022-47950 was published for swift (pip) Jan 18, 2023

A vulnerability was found in Talend Open Studio for MDM. It has been declared as problematic....
Moderate | Unreviewed | CVE-2022-4818 was published Dec 28, 2022

Due to improper restrictions on XML entities multiple vulnerabilities exist in the command line...
Moderate | Unreviewed | CVE-2022-37911 was published Dec 12, 2022

In JetBrains IntelliJ IDEA before 2022.3 an XXE attack leading to SSRF via requests to custom...
Moderate | Unreviewed | CVE-2022-46827 was published Dec 8, 2022