Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,001
Maven
5,000+
npm
3,713
NuGet
661
pip
3,384
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

461 advisories

Loading
XML External Entity Reference in Jenkins FindBugs Plugin High
CVE-2018-1000011 was published for org.jvnet.hudson.plugins.findbugs:library (Maven) May 14, 2022
XXE vulnerability in Jenkins DRY Plugin High
CVE-2018-1000010 was published for org.jvnet.hudson.plugins:dry (Maven) May 14, 2022
XXE vulnerability in Jenkins Checkstyle Plugin High
CVE-2018-1000009 was published for org.jvnet.hudson.plugins:checkstyle (Maven) May 14, 2022
XXE vulnerability in Jenkins PMD Plugin High
CVE-2018-1000008 was published for org.jvnet.hudson.plugins:pmd (Maven) May 14, 2022
IBM Sterling B2B Integrator 5.2 is vulnerable to an XML External Entity Injection (XXE) attack... High Unreviewed
CVE-2017-1192 was published May 14, 2022
IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 is vulnerable to a XML External Entity... High Unreviewed
CVE-2017-1666 was published May 14, 2022
XXE Vulnerability in XMLBundle 0.1.7 High
CVE-2017-1000477 was published for desperado/xml-bundle (Composer) May 14, 2022
Commsy version 9.0.0 is vulnerable to XXE attacks in the configuration import functionality... High Unreviewed
CVE-2017-1000496 was published May 14, 2022
IBM SDK, Java Technology Edition is vulnerable XML External Entity Injection (XXE) error when... High Unreviewed
CVE-2017-1289 was published May 14, 2022
XML External Entity Reference in org.picketlink:picketlink-common High
CVE-2014-3530 was published for org.picketlink:picketlink-common (Maven) May 14, 2022
Multiple XML external entity (XXE) vulnerabilities in the OpenText Documentum Webtop 6.8.0160... High Unreviewed
CVE-2017-14527 was published May 17, 2022
Multiple XML external entity (XXE) vulnerabilities in the OpenText Documentum Administrator 7.2... High Unreviewed
CVE-2017-14526 was published May 17, 2022
An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21... High Unreviewed
CVE-2017-12069 was published May 17, 2022
IBM Business Process Manager 7.5, 8.0, and 8.5 is vulnerable to a XML External Entity Injection ... High Unreviewed
CVE-2017-1527 was published May 17, 2022
XML External Entity (XXE) vulnerability in Apache Wink 1.1.1 and earlier allows remote attackers... High Unreviewed
CVE-2010-2245 was published May 17, 2022
XML external entity (XXE) processing vulnerability in Trend Micro Control Manager 6.0, if... High Unreviewed
CVE-2017-11390 was published May 17, 2022
IBM Security Guardium 10.0 is vulnerable to a XML External Entity Injection (XXE) attack when... High Unreviewed
CVE-2017-1254 was published May 17, 2022
XML external entity (XXE) vulnerability in Citrix XenMobile Server 9.x and 10.x before 10.5 RP3... High Unreviewed
CVE-2017-9231 was published May 17, 2022
IBM API Connect 5.0.6.0 is vulnerable to an XML External Entity Injection (XXE) attack when... High Unreviewed
CVE-2017-1322 was published May 17, 2022
IBM Rhapsody DM 4.0, 5.0, and 6.0 is vulnerable to a denial of service, caused by an XML External... High Unreviewed
CVE-2016-9698 was published May 17, 2022
IBM Team Concert (RTC) is vulnerable to a denial of service, caused by an XML External Entity... High Unreviewed
CVE-2017-1103 was published May 17, 2022
IBM WebSphere Cast Iron Solution 7.0.0 and 7.5.0.0 is vulnerable to a denial of service, caused... High Unreviewed
CVE-2016-9691 was published May 17, 2022
IBM UrbanCode Deploy (UCD) 6.0, 6.1, and 6.2 is vulnerable to a denial of service, caused by an... High Unreviewed
CVE-2017-1149 was published May 17, 2022
IBM Jazz Foundation is vulnerable to a denial of service, caused by an XML External Entity... High Unreviewed
CVE-2016-9707 was published May 17, 2022
XML external entity (XXE) vulnerability in eParakstitajs 3 before 1.3.9 and eParaksts Java lib... High Unreviewed
CVE-2017-6055 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database