GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
244 advisories
An XML External Entity injection (XXE) vulnerability in ENOVIA Live Collaboration V6R2013xE...
Critical | Unreviewed | CVE-2023-1288 was published Mar 9, 2023

An XML External Entity (XXE) vulnerability in urule v2.1.7 allows attackers to execute arbitrary...
Critical | Unreviewed | CVE-2023-24189 was published Feb 25, 2023

A vulnerability classified as problematic has been found in UIKit0 libplist 1.12. This affects...
Critical | Unreviewed | CVE-2015-10082 was published Feb 21, 2023

java-xmlbuilder vulnerable to XML External Entity Reference
Critical | CVE-2014-125087 was published for com.jamesmurty.utils:java-xmlbuilder (Maven) Feb 19, 2023

An improper restriction of xml external entity reference in Fortinet FortiNAC version 9.4.0...
Critical | Unreviewed | CVE-2022-39954 was published Feb 16, 2023

XML External Entity (XXE) vulnerability in Talend Remote Engine Gen 2 before R2022-09.
Critical | Unreviewed | CVE-2022-45588 was published Feb 3, 2023

IBM Tivoli Workload Scheduler 9.4, 9.5, and 10.1 is vulnerable to an XML External Entity...
Critical | Unreviewed | CVE-2022-22486 was published Feb 3, 2023

IBM Tivoli Workload Scheduler 9.4, 9.5, and 10.1 is vulnerable to an XML External Entity...
Critical | Unreviewed | CVE-2022-38389 was published Feb 3, 2023

Netcad KEOS 1.0 is vulnerable to XML External Entity (XXE) resulting in SSRF with XXE (remote).
Critical | Unreviewed | CVE-2022-47873 was published Feb 1, 2023

Agent-to-controller security bypass in Jenkins Semantic Versioning Plugin
Critical | CVE-2023-24429 was published for org.jenkins-ci.plugins:semantic-versioning-plugin (Maven) Jan 26, 2023

XML external entity reference vulnerability on agents in Jenkins Semantic Versioning Plugin
Critical | CVE-2023-24430 was published for org.jenkins-ci.plugins:semantic-versioning-plugin (Maven) Jan 26, 2023

XML Entity Expansion in Jenkins TestComplete support Plugin
Critical | CVE-2023-24443 was published for org.jenkins-ci.plugins:TestComplete (Maven) Jan 26, 2023

A vulnerability classified as problematic was found in Talend Open Studio for MDM. This...
Critical | Unreviewed | CVE-2021-4311 was published Jan 9, 2023

kelvinmo simplexrd vulnerable to Improper Restriction of XML External Entity Reference
Critical | CVE-2015-10029 was published for kelvinmo/simplexrd (Composer) Jan 7, 2023

dssp vulnerable to Improper Restriction of XML External Entity Reference
Critical | CVE-2016-15011 was published for be.e_contract.dssp:dssp-client (Maven) Jan 6, 2023

bonita-connector-webservice XML External Entity vulnerability
Critical | CVE-2020-36640 was published for org.bonitasoft.connectors:bonita-connector-webservice (Maven) Jan 5, 2023

aXMLRPC XML External Entity vulnerability
Critical | CVE-2020-36641 was published for fr.turri:aXMLRPC (Maven) Jan 5, 2023

iText RUPS XML External Entity vulnerability
Critical | CVE-2017-20151 was published for com.itextpdf:itext-rups (Maven) Dec 30, 2022

A vulnerability classified as problematic was found in ONC code-validator-api up to 1.0.30. This...
Critical | Unreviewed | CVE-2021-4295 was published Dec 29, 2022

A vulnerability was found in 3D City Database OGC Web Feature Service up to 5.2.1. It has been...
Critical | Unreviewed | CVE-2022-4607 was published Dec 19, 2022

An XML External Entity (XEE) vulnerability allows server-side request forgery (SSRF) and...
Critical | Unreviewed | CVE-2022-3980 was published Nov 16, 2022

XML External Entity Reference in Jenkins CCCC Plugin
Critical | CVE-2022-45395 was published for com.thalesgroup.jenkins-ci.plugins:cccc (Maven) Nov 16, 2022

"IBM InfoSphere Information Server 11.7 is vulnerable to an XML External Entity Injection (XXE)...
Critical | Unreviewed | CVE-2022-40747 was published Nov 4, 2022

VMware Cloud Foundation (NSX-V) contains an XML External Entity (XXE) vulnerability. On VCF 3.x...
Critical | Unreviewed | CVE-2022-31678 was published Oct 28, 2022

Duplicate Advisory: Improper Restriction of XML External Entity Reference in pikepdf
Critical | CVE-2021-46849 was published for pikepdf (pip) Oct 24, 2022 | withdrawn