GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,001
Maven
5,000+
npm
3,713
NuGet
661
pip
3,384
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
311 advisories
Filter by severity
Jenkins Self-Organizing Swarm Plug-in Modules Plugin XXE vulnerability via UDP broadcast response
Moderate
CVE-2019-10309
was published
for
org.jenkins-ci.plugins:swarm
(Maven)
May 24, 2022
Libraries/Nop.Services/Localization/LocalizationService.cs in nopCommerce through 4.10 allows XXE...
Moderate
Unreviewed
CVE-2019-11519
was published
May 24, 2022
An XML external entity (XXE) vulnerability in Kofax Front Office Server Administration Console...
Moderate
Unreviewed
CVE-2018-17289
was published
May 24, 2022
The XML parser in Splunk 4.0.0 through 4.1.4 allows remote authenticated users to obtain...
Moderate
Unreviewed
CVE-2010-3322
was published
May 17, 2022
Mahara 1.4.x before 1.4.4 and 1.5.x before 1.5.3 allows remote attackers to read arbitrary files...
Moderate
Unreviewed
CVE-2012-2239
was published
May 17, 2022
Zend Framework XXE Vulnerability
Moderate
CVE-2012-5657
was published
for
zendframework/zendframework1
(Composer)
May 17, 2022
XML Entity Expansion (XEE) in Django
Moderate
CVE-2013-1664
was published
for
Django
(pip)
May 17, 2022
XML External Entity (XXE) in Django
Moderate
CVE-2013-1665
was published
for
Django
(pip)
May 17, 2022
The xml_parse function in the libxml2 support in the core server component in PostgreSQL 8.3...
Moderate
Unreviewed
CVE-2012-3489
was published
May 17, 2022
SOAPpy vulnerable to XML External Entity attacks
Moderate
CVE-2014-3242
was published
for
SOAPpy
(pip)
May 17, 2022
PHPExcel vulnerable to XXE attacks through libxml
Moderate
CVE-2014-2054
was published
for
phpoffice/phpexcel
(Composer)
May 17, 2022
Apache Solr UpdateRequestHandler for XML resolves XML External Entities
Moderate
CVE-2013-6407
was published
for
org.apache.solr:solr-core
(Maven)
May 17, 2022
XML External Entity Reference in RESTEasy
Moderate
CVE-2014-7839
was published
for
org.jboss.resteasy:resteasy-jaxrs
(Maven)
May 17, 2022
The XML parser in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0...
Moderate
Unreviewed
CVE-2016-0284
was published
May 17, 2022
ZendXml and Zend Framework contain XXE and XEE Vulnerabilities
Moderate
CVE-2015-5161
was published
for
zendframework/zendframework
(Composer)
May 17, 2022
XML external entity vulnerability in PRTG Network Monitor before 16.2.23.3077/3078 allows remote...
Moderate
Unreviewed
CVE-2015-7743
was published
May 17, 2022
Improper Restriction of XML External Entity Reference in Openpyxl
Moderate
CVE-2017-5992
was published
for
openpyxl
(pip)
May 17, 2022
XML External Entity (XXE) vulnerability in Grails PDF Plugin 0.6 allows remote attackers to read...
Moderate
Unreviewed
CVE-2017-6344
was published
May 17, 2022
XML entity injection in Junos Space before 15.2R2 allows attackers to cause a denial of service.
Moderate
Unreviewed
CVE-2016-4931
was published
May 17, 2022
NetIQ Access Manager 4.1 before 4.1.2 HF 1 and 4.2 before 4.2.2 was parsing incoming SAML...
Moderate
Unreviewed
CVE-2016-5749
was published
May 17, 2022
External Entity Processing (XXE) vulnerability in the "risk score" application of NetIQ Access...
Moderate
Unreviewed
CVE-2016-5748
was published
May 17, 2022
WatchGuard Fireware v11.12.1 and earlier mishandles requests referring to an XML External Entity ...
Moderate
Unreviewed
CVE-2017-8056
was published
May 17, 2022
XXE vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Replication Manager...
Moderate
Unreviewed
CVE-2017-9295
was published
May 17, 2022
An XML External Entity Injection vulnerability in Juniper Networks Junos Space versions prior to...
Moderate
Unreviewed
CVE-2017-2308
was published
May 17, 2022
IBM Cognos Business Intelligence 10.1 and 10.2 is vulnerable to a denial of service, caused by an...
Moderate
Unreviewed
CVE-2016-0254
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API