GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,237
Erlang: 31
GitHub Actions: 20
Go: 2,000
Maven: 5,000+
npm: 3,711
NuGet: 661
pip: 3,383
Pub: 11
RubyGems: 885
Rust: 849
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
311 advisories
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)...
Moderate | Unreviewed | CVE-2021-34706 was published May 24, 2022

NEI in NETSCOUT nGeniusONE 6.3.0 build 1196 allows XML External Entity (XXE) attacks.
Moderate | Unreviewed | CVE-2021-35201 was published May 24, 2022

XML Entity Expansion injection vulnerability in McAfee Endpoint Security (ENS) for Windows prior...
Moderate | Unreviewed | CVE-2021-31842 was published May 24, 2022

An improper restriction of XML external entity (XXE) reference vulnerability in the Palo Alto...
Moderate | Unreviewed | CVE-2021-3055 was published May 24, 2022

A vulnerability has been identified in Solid Edge SE2021 (All Versions < SE2021MP7). An XML...
Moderate | Unreviewed | CVE-2021-37178 was published May 24, 2022

ObjectPlanet Opinio before 7.15 allows XXE attacks via three steps: modify a .css file to have <...
Moderate | Unreviewed | CVE-2020-26564 was published May 24, 2022

Panasonic FPWIN Pro, all Versions 7.5.1.1 and prior, allows an attacker to craft a project file...
Moderate | Unreviewed | CVE-2021-32972 was published May 24, 2022

There is an XXE injection vulnerability in eCNS280 V100R005C00 and V100R005C10. A module does not...
Moderate | Unreviewed | CVE-2021-22338 was published May 24, 2022

The XML parser used in ConeXware PowerArchiver before 20.10.02 allows processing of external...
Moderate | Unreviewed | CVE-2021-28684 was published May 24, 2022

SAP NetWeaver AS for JAVA, versions - 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker...
Moderate | Unreviewed | CVE-2021-27635 was published May 24, 2022

SilverStripe XXE Vulnerability in CSSContentParser
Moderate | CVE-2020-25817 was published for silverstripe/framework (Composer) May 24, 2022

When opening a specially crafted 3DXML file, the application containing Datakit Software...
Moderate | Unreviewed | CVE-2021-27492 was published May 24, 2022

Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by XML External Entity (XXE)...
Moderate | Unreviewed | CVE-2020-36124 was published May 24, 2022

A vulnerability in the REST API of Cisco Firepower Device Manager (FDM) On-Box Software could...
Moderate | Unreviewed | CVE-2021-1369 was published May 24, 2022

A remote XML external entity vulnerability was discovered in Aruba AirWave Management Platform...
Moderate | Unreviewed | CVE-2021-25164 was published May 24, 2022

An XML External Entities (XXE) vulnerability in Callback Assist could allow an authenticated,...
Moderate | Unreviewed | CVE-2020-7036 was published May 24, 2022

An XML External Entities (XXE) vulnerability in the web-based user interface of Avaya Aura...
Moderate | Unreviewed | CVE-2020-7035 was published May 24, 2022

FusionAuth fusionauth-samlv2 before 0.5.4 allows XXE attacks via a forged AuthnRequest or...
Moderate | Unreviewed | CVE-2021-27736 was published May 24, 2022

In order to prevent XML External Entity vulnerability in SAP NetWeaver ABAP Server and ABAP...
Moderate | Unreviewed | CVE-2021-27604 was published May 24, 2022

The XML Import functionality of the Administration console in Perforce Helix ALM 2020.3.1 Build...
Moderate | Unreviewed | CVE-2021-28973 was published May 24, 2022

A vulnerability has been identified in Solid Edge SE2020 (All Versions < SE2020MP13), Solid Edge...
Moderate | Unreviewed | CVE-2020-28387 was published May 24, 2022

A remote authenticated XML external entity (XXE) vulnerability was discovered in...
Moderate | Unreviewed | CVE-2021-26969 was published May 24, 2022

SAP EPM Add-in for Microsoft Office, version - 1010 and SAP EPM Add-in for SAP Analysis Office,...
Moderate | Unreviewed | CVE-2021-21470 was published May 24, 2022

A vulnerability has been identified in JT2Go (All Versions < V13.1.0), Teamcenter Visualization ...
Moderate | Unreviewed | CVE-2020-26981 was published May 24, 2022

IBM Security Verify Privilege Manager 10.8 is vulnerable to an XML External Entity Injection (XXE...
Moderate | Unreviewed | CVE-2020-4606 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API