Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,963
Erlang
39
GitHub Actions
38
Go
2,615
Maven
5,000+
npm
4,255
NuGet
760
pip
4,036
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+

369 advisories

Loading
Duplicate Advisory: Eclipse IDE XXE in eclipse.platform Moderate
GHSA-cc4w-3cff-j8fw was published for org.eclipse.platform:eclipse.platform (Maven) Nov 9, 2023 withdrawn
An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in... Moderate Unreviewed
CVE-2023-5136 was published Nov 8, 2023
e-Tax software Version3.0.10 and earlier improperly restricts XML external entity references (XXE... Moderate Unreviewed
CVE-2023-46802 was published Nov 6, 2023
An issue was discovered in VERMEG AgileReporter 21.3. XXE can occur via an XML document to the... Moderate Unreviewed
CVE-2022-34832 was published Oct 27, 2023
Dell Unity prior to 5.3 contains an XML External Entity injection vulnerability. An XXE attack... Moderate Unreviewed
CVE-2023-43067 was published Oct 23, 2023
CX-Designer Ver.3.740 and earlier (included in CX-One CXONE-AL[][]D-V4) contains an improper... Moderate Unreviewed
CVE-2023-43624 was published Oct 23, 2023
svg_optimizer rubygem external XML entity (XXE) vulnerability Moderate
CVE-2023-46035 was published for svg_optimizer (RubyGems) Oct 20, 2023
SAP Business One (B1i) - version 10.0, allows an authorized attacker to retrieve the details... Moderate Unreviewed
CVE-2023-41365 was published Oct 10, 2023
FD Application Apr. 2022 Edition (Version 9.01) and earlier improperly restricts XML external... Moderate Unreviewed
CVE-2023-42132 was published Oct 2, 2023
codehaus-plexus vulnerable to XML injection Moderate
CVE-2022-4245 was published for org.codehaus.plexus:plexus-utils (Maven) Sep 25, 2023
Path traversal allows exploiting XXE vulnerability in Jenkins Job Configuration History Plugin Moderate
CVE-2023-41932 was published for org.jenkins-ci.plugins:jobConfigHistory (Maven) Sep 6, 2023
DDFFileParser is vulnerable to XXE Attacks Moderate
CVE-2023-41034 was published for org.eclipse.leshan:leshan-core (Maven) Aug 31, 2023
JaroslawLegierski
Credited to JaroslawLegierski
Esoteric YamlBeans XML Entity Expansion vulnerability Moderate
CVE-2023-24620 was published for com.esotericsoftware.yamlbeans:yamlbeans (Maven) Aug 25, 2023
A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated,... Moderate Unreviewed
CVE-2020-26064 was published Aug 4, 2023
The Foundry Magritte plugin rest-source was found to be vulnerable to an an XML external Entity... Moderate Unreviewed
CVE-2023-30951 was published Aug 4, 2023
XML External Entity (XXE) vulnerability in the XML data handler Moderate
CVE-2023-38490 was published for getkirby/cms (Composer) Jul 28, 2023
noraj dapatrese
Credited to noraj and dapatrese
Applicant Programme Ver.7.06 and earlier improperly restricts XML external entity references (XXE... Moderate Unreviewed
CVE-2023-32639 was published Jul 25, 2023
XBRL data create application version 7.0 and earlier improperly restricts XML external entity... Moderate Unreviewed
CVE-2023-32635 was published Jul 19, 2023
Jenkins External Monitor Job Type Plugin XML external entity vulnerability Moderate
CVE-2023-37942 was published for org.jenkins-ci.plugins:external-monitor-job (Maven) Jul 12, 2023
A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could... Moderate Unreviewed
CVE-2023-37200 was published Jul 12, 2023
A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could... Moderate Unreviewed
CVE-2023-2161 was published Jul 6, 2023
Zoho ManageEngine ADManager Plus before 7183 allows admin users to exploit an XXE issue to view... Moderate Unreviewed
CVE-2023-35786 was published Jul 5, 2023
Improper restriction of XML external entity reference (XXE) vulnerability exists in FRENIC RHC... Moderate Unreviewed
CVE-2023-29498 was published Jun 13, 2023
On Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, an unauthenticated attacker can... Moderate Unreviewed
CVE-2023-32706 was published Jun 1, 2023
A vulnerability classified as problematic was found in Weaver e-cology up to 9.0. Affected by... Moderate Unreviewed
CVE-2023-2806 was published May 19, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database