Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

245 advisories

Loading
It was found that the JAXP implementation used in JBoss EAP 7.0 for SAX and DOM parsing is... Critical Unreviewed
CVE-2017-7464 was published May 13, 2022
It was found that the JAXP implementation used in JBoss EAP 7.0 for XSLT processing is vulnerable... Critical Unreviewed
CVE-2017-7465 was published May 13, 2022
SEL AcSELerator Architect version 2.2.24.0 and prior allows unsanitized input to be passed to the... Critical Unreviewed
CVE-2018-10600 was published May 13, 2022
IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 is vulnerable to a XML External... Critical Unreviewed
CVE-2018-1727 was published May 13, 2022
IBM Operational Decision Management 8.5, 8.6, 8.7, 8.8, and 8.9 is vulnerable to a XML External... Critical Unreviewed
CVE-2018-1821 was published May 13, 2022
XML External Entity (XXE) vulnerability in Micro Focus Fortify Audit Workbench (AWB) and Micro... Critical Unreviewed
CVE-2018-6486 was published May 13, 2022
XXE vulnerability in Jenkins Job Import Plugin Critical
CVE-2019-1003015 was published for org.jenkins-ci.plugins:job-import-plugin (Maven) May 13, 2022
westonsteimel
FrostWire version <= frostwire-desktop-6.7.4-build-272 contains a XML External Entity (XXE)... Critical Unreviewed
CVE-2018-1000828 was published May 13, 2022
XML external entity (XXE) vulnerability in the Java XML processing functionality in Play before 2... Critical Unreviewed
CVE-2014-3630 was published May 13, 2022
There is an XML External Entity (XXE) Processing Vulnerability in Citrix XenMobile Server 10.8... Critical Unreviewed
CVE-2018-10653 was published May 13, 2022
XML external entity (XXE) vulnerability in the GlobalProtect internal and external gateway... Critical Unreviewed
CVE-2017-9458 was published May 13, 2022
Zimbra Collaboration Suite (ZCS) before 8.7.4 allows remote attackers to conduct XML External... Critical Unreviewed
CVE-2016-9924 was published May 13, 2022
www.modified-shop.org modified eCommerce Shopsoftware 2.0.2.2 rev 10690 has XXE in api/it-recht... Critical Unreviewed
CVE-2017-8110 was published May 13, 2022
perl-XML-Twig: The option to `expand_external_ents`, documented as controlling external entity... Critical Unreviewed
CVE-2016-9180 was published May 13, 2022
An XML external entity (XXE) vulnerability in Fortify Software Security Center (SSC), version 17... Critical Unreviewed
CVE-2018-12463 was published May 13, 2022
Pepperminty-Wiki version 0.15 is vulnerable to XXE attacks in the getsvgsize function resulting... Critical Unreviewed
CVE-2017-1000497 was published May 13, 2022
Improper Restriction of XML External Entity Reference in Apace Derby Critical
CVE-2015-1832 was published for org.apache.derby:derby (Maven) May 13, 2022
IBM Single Sign On for Bluemix could allow a remote attacker to obtain sensitive information,... Critical Unreviewed
CVE-2016-2908 was published May 13, 2022
SolarWinds SFTP/SCP server through 2018-09-10 is vulnerable to XXE via a world readable and... Critical Unreviewed
CVE-2018-16792 was published May 13, 2022
An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15... Critical Unreviewed
CVE-2018-13826 was published May 13, 2022
XML external entity (XXE) vulnerability in the Configuration Wizard in SAP NetWeaver Java AS 7.1... Critical Unreviewed
CVE-2016-3974 was published May 13, 2022
An exploitable unauthenticated XML external injection vulnerability was identified in FocalScope... Critical Unreviewed
CVE-2018-3881 was published May 13, 2022
XML External Entity (XXE) vulnerability in the file based service provider creation feature of... Critical Unreviewed
CVE-2021-42646 was published May 12, 2022
The DOM XML parser and SAX XML parser components of TIBCO Software Inc.'s TIBCO Managed File... Critical Unreviewed
CVE-2022-22774 was published May 11, 2022
External Entity Reference in TwelveMonkeys ImageIO Critical
CVE-2021-23792 was published for com.twelvemonkeys.imageio:imageio-metadata (Maven) May 7, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database