Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,896
Erlang
38
GitHub Actions
38
Go
2,558
Maven
5,000+
npm
4,235
NuGet
751
pip
4,001
Pub
12
RubyGems
953
Rust
1,042
Swift
45
Unreviewed advisories
All unreviewed
5,000+

368 advisories

Loading
An XML External Entity vulnerability in the web-based user interface of the Cisco Secure Access... Moderate Unreviewed
CVE-2017-3839 was published May 13, 2022
The Microsoft Common Console Document (.msc) in Microsoft Windows 7 SP1, Windows Server 2008 SP2... Moderate Unreviewed
CVE-2017-8710 was published May 13, 2022
An XML external entity (XXE) injection vulnerability in Kwoksys Kwok Information Server before v2... Moderate Unreviewed
CVE-2022-45326 was published Dec 6, 2022
SLD Registration in SAP HANA (fixed in versions 1.0, 2.0) does not sufficiently validate an XML... Moderate Unreviewed
CVE-2019-0284 was published May 14, 2022
The administration backup restore resource in Atlassian Crowd before version 3.0.2 and from... Moderate Unreviewed
CVE-2017-18110 was published May 14, 2022
An XML External Entity Injection (XXE) vulnerability in the Management System (console) of... Moderate Unreviewed
CVE-2019-8997 was published May 14, 2022
SAP HANA extended application services, version 1, advanced does not sufficiently validate an XML... Moderate Unreviewed
CVE-2019-0277 was published May 14, 2022
Windows System Information Console in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows... Moderate Unreviewed
CVE-2017-8557 was published May 14, 2022
FreePlane version 1.5.9 and earlier contains a XML External Entity (XXE) vulnerability in XML... Moderate Unreviewed
CVE-2018-1000069 was published May 14, 2022
SLD Registration of ABAP Platform allows an attacker to prevent legitimate users from accessing a... Moderate Unreviewed
CVE-2019-0265 was published May 14, 2022
HornetQ REST vulnerable to Improper Restriction of XML External Entity Reference Moderate
CVE-2014-3599 was published for org.hornetq.rest:hornetq-rest (Maven) May 24, 2022
S3 Browser before 8.1.5 contains an XML external entity (XXE) vulnerability, allowing remote... Moderate Unreviewed
CVE-2018-20298 was published May 14, 2022
The Upload add-on resource in Atlassian Universal Plugin Manager before version 2.22.14 allows... Moderate Unreviewed
CVE-2018-20233 was published May 14, 2022
Processing Foundation Processing version 3.4 and earlier contains a XML External Entity (XXE)... Moderate Unreviewed
CVE-2018-1000840 was published May 14, 2022
The SaveUserSettings service in Content Manager in SDL Web 8.5.0 has an XXE Vulnerability that... Moderate Unreviewed
CVE-2018-19371 was published May 14, 2022
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS)... Moderate Unreviewed
CVE-2018-8532 was published May 14, 2022
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS)... Moderate Unreviewed
CVE-2018-8527 was published May 14, 2022
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS)... Moderate Unreviewed
CVE-2018-8533 was published May 14, 2022
Xovis PC2, PC2R, and PC3 devices through 3.6.0 allow XXE. Moderate Unreviewed
CVE-2018-11719 was published May 14, 2022
Improper Restriction of XML External Entity Reference vulnerability in DLP Endpoint for Windows... Moderate Unreviewed
CVE-2022-2330 was published Aug 31, 2022
ModbusPal 1.6b is vulnerable to an XML External Entity (XXE) attack. Projects are saved as .xmpp... Moderate Unreviewed
CVE-2018-10832 was published May 14, 2022
Digital Guardian Management Console 7.1.2.0015 has an XXE issue. Moderate Unreviewed
CVE-2018-10175 was published May 14, 2022
XML external entity (XXE) vulnerability in IBM InfoSphere Information Governance Catalog 11.3... Moderate Unreviewed
CVE-2016-0250 was published May 14, 2022
XML external entity (XXE) vulnerability in IBM Forms Experience Builder 8.5, 8.5.1, and 8.6... Moderate Unreviewed
CVE-2016-0369 was published May 14, 2022
The Upload File functionality in upload.jspa in Aurea Jive Jive-n 9.0.2.1 On-Premises allows for... Moderate Unreviewed
CVE-2018-5758 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database