GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,001
Maven
5,000+
npm
3,713
NuGet
661
pip
3,384
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
163 advisories
Filter by severity
National Library of the Netherlands multiNER <= c0440948057afc6e3d6b4903a7c05e666b94a3bc is...
Critical
Unreviewed
CVE-2021-44557
was published
Dec 9, 2021
National Library of the Netherlands digger < 6697d1269d981e35e11f240725b16401b5ce3db5 is affected...
Critical
Unreviewed
CVE-2021-44556
was published
Dec 9, 2021
AEM Forms Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by an XML...
Critical
Unreviewed
CVE-2021-40722
was published
Jan 14, 2022
Signiant Manager+Agents before 15.1 allows XML External Entity (XXE) attacks.
Critical
Unreviewed
CVE-2021-46660
was published
Jan 31, 2022
In JetBrains TeamCity before 2021.2.1, XXE during the parsing of the configuration file was...
Critical
Unreviewed
CVE-2022-24340
was published
Feb 26, 2022
Signiant - Manager+Agents XML External Entity (XXE) - Extract internal files of the affected...
Critical
Unreviewed
CVE-2022-22795
was published
Mar 11, 2022
Zoho ManageEngine ADAudit Plus before 7060 is vulnerable to an unauthenticated XXE attack that...
Critical
Unreviewed
CVE-2022-28219
was published
Apr 6, 2022
Solar appScreener through 3.10.4, when a valid license is not present, allows XXE and SSRF...
Critical
Unreviewed
CVE-2022-24449
was published
Apr 29, 2022
OpenPNE 3 versions 3.8.7, 3.6.11, 3.4.21.1, 3.2.7.6, 3.0.8.5 has an External Entity Injection...
Critical
Unreviewed
CVE-2013-4333
was published
May 5, 2022
The DOM XML parser and SAX XML parser components of TIBCO Software Inc.'s TIBCO Managed File...
Critical
Unreviewed
CVE-2022-22774
was published
May 11, 2022
XML External Entity (XXE) vulnerability in the file based service provider creation feature of...
Critical
Unreviewed
CVE-2021-42646
was published
May 12, 2022
An exploitable unauthenticated XML external injection vulnerability was identified in FocalScope...
Critical
Unreviewed
CVE-2018-3881
was published
May 13, 2022
XML external entity (XXE) vulnerability in the Configuration Wizard in SAP NetWeaver Java AS 7.1...
Critical
Unreviewed
CVE-2016-3974
was published
May 13, 2022
An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15...
Critical
Unreviewed
CVE-2018-13826
was published
May 13, 2022
SolarWinds SFTP/SCP server through 2018-09-10 is vulnerable to XXE via a world readable and...
Critical
Unreviewed
CVE-2018-16792
was published
May 13, 2022
IBM Single Sign On for Bluemix could allow a remote attacker to obtain sensitive information,...
Critical
Unreviewed
CVE-2016-2908
was published
May 13, 2022
Pepperminty-Wiki version 0.15 is vulnerable to XXE attacks in the getsvgsize function resulting...
Critical
Unreviewed
CVE-2017-1000497
was published
May 13, 2022
An XML external entity (XXE) vulnerability in Fortify Software Security Center (SSC), version 17...
Critical
Unreviewed
CVE-2018-12463
was published
May 13, 2022
perl-XML-Twig: The option to `expand_external_ents`, documented as controlling external entity...
Critical
Unreviewed
CVE-2016-9180
was published
May 13, 2022
www.modified-shop.org modified eCommerce Shopsoftware 2.0.2.2 rev 10690 has XXE in api/it-recht...
Critical
Unreviewed
CVE-2017-8110
was published
May 13, 2022
Zimbra Collaboration Suite (ZCS) before 8.7.4 allows remote attackers to conduct XML External...
Critical
Unreviewed
CVE-2016-9924
was published
May 13, 2022
XML external entity (XXE) vulnerability in the GlobalProtect internal and external gateway...
Critical
Unreviewed
CVE-2017-9458
was published
May 13, 2022
There is an XML External Entity (XXE) Processing Vulnerability in Citrix XenMobile Server 10.8...
Critical
Unreviewed
CVE-2018-10653
was published
May 13, 2022
XML external entity (XXE) vulnerability in the Java XML processing functionality in Play before 2...
Critical
Unreviewed
CVE-2014-3630
was published
May 13, 2022
FrostWire version <= frostwire-desktop-6.7.4-build-272 contains a XML External Entity (XXE)...
Critical
Unreviewed
CVE-2018-1000828
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API