GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
311 advisories
Filter by severity
mofh Vulnerable to Improper Restriction of XML External Entity Reference
Moderate
GHSA-7r9x-qrpr-3cxw
was published
for
mofh
(pip)
Aug 11, 2022
XML external entity (XXE) processing ('external-parameter-entities' feature was not fully disabled))
Moderate
CVE-2019-10782
was published
for
com.puppycrawl.tools:checkstyle
(Maven)
Jan 31, 2020
Improper Restriction of XML External Entity Reference in Apache Olingo
Moderate
CVE-2019-17554
was published
for
org.apache.olingo:odata-client-core
(Maven)
Feb 4, 2020
Moderate severity vulnerability that affects org.apache.ignite:ignite-core
Moderate
CVE-2016-6805
was published
for
org.apache.ignite:ignite-core
(Maven)
Oct 16, 2018
Moderate severity vulnerability that affects com.puppycrawl.tools:checkstyle
Moderate
CVE-2019-9658
was published
for
com.puppycrawl.tools:checkstyle
(Maven)
Mar 14, 2019
Authenticated XML External Entity Processing
Moderate
GHSA-8xv9-qcr9-ww9j
was published
for
shopware/core
(Composer)
Oct 19, 2020
XML External Entities Vulnerability in CVRF-CSAF-Converter
Moderate
CVE-2022-27193
was published
for
cvrf2csaf
(pip)
Mar 16, 2022
A XML Extended entity vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10...
Moderate
Unreviewed
CVE-2022-0861
was published
Mar 24, 2022
When opening a malicious solution file provided by an attacker, the application suffers from an...
Moderate
Unreviewed
CVE-2022-1018
was published
Apr 3, 2022
Improper Restriction of XML External Entity Reference in wutka jox
Moderate
CVE-2021-43142
was published
for
com.wutka:jox
(Maven)
Apr 1, 2022
A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could...
Moderate
Unreviewed
CVE-2022-0221
was published
Apr 14, 2022
Improper Restriction of XML External Entity Reference in Castor
Moderate
CVE-2014-3004
was published
for
org.codehaus.castor:castor
(Maven)
May 13, 2022
Improper Restriction of XML External Entity Reference in Elasticsearch
Moderate
CVE-2018-17247
was published
for
org.elasticsearch:elasticsearch
(Maven)
May 13, 2022
Improper Restriction of XML External Entity Reference in Apache uimaj
Moderate
CVE-2017-15691
was published
for
org.apache.uima:uimafit-core
(Maven)
May 14, 2022
XML External Entity Reference in RESTEasy
Moderate
CVE-2014-7839
was published
for
org.jboss.resteasy:resteasy-jaxrs
(Maven)
May 17, 2022
XML External Entity via ".AOP" files used by Moxa MX-AOPC Server 1.5 result in remote file...
Moderate
Unreviewed
CVE-2017-7457
was published
May 17, 2022
XML External Entity (XXE) vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and IBM...
Moderate
Unreviewed
CVE-2015-0194
was published
May 17, 2022
VMware vSphere Client 5.5 before U3e and 6.0 before U2a allows remote vCenter Server and ESXi...
Moderate
Unreviewed
CVE-2016-7458
was published
May 17, 2022
IBM Tivoli Endpoint Manager is vulnerable to a XML External Entity Injection (XXE) attack when...
Moderate
Unreviewed
CVE-2017-1219
was published
May 17, 2022
An Improper XML Parser Configuration issue was discovered in Schneider Electric Wonderware...
Moderate
Unreviewed
CVE-2017-7907
was published
May 17, 2022
XML External Entity Reference in Eclipse Lyo
Moderate
CVE-2021-41042
was published
for
org.eclipse.lyo:lyo-parent
(Maven)
Jul 8, 2022
An XML External Entity vulnerability in Cisco WebEx Meetings Server could allow an authenticated,...
Moderate
Unreviewed
CVE-2017-3811
was published
May 17, 2022
IBM Cognos Business Intelligence 10.1 and 10.2 is vulnerable to a denial of service, caused by an...
Moderate
Unreviewed
CVE-2016-0254
was published
May 17, 2022
An XML External Entity Injection vulnerability in Juniper Networks Junos Space versions prior to...
Moderate
Unreviewed
CVE-2017-2308
was published
May 17, 2022
XXE vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Replication Manager...
Moderate
Unreviewed
CVE-2017-9295
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API