Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,908
Erlang
39
GitHub Actions
38
Go
2,568
Maven
5,000+
npm
4,240
NuGet
754
pip
4,004
Pub
12
RubyGems
953
Rust
1,042
Swift
45
Unreviewed advisories
All unreviewed
5,000+

368 advisories

Loading
In versions of Akana API Platform prior to 2024.1.0 a flaw resulting in XML External Entity (XXE)... Moderate Unreviewed
CVE-2024-3930 was published Jul 30, 2024
Improper Restriction of XML External Entity Reference vulnerability in PruvaSoft Informatics... Moderate Unreviewed
CVE-2024-5625 was published Jul 18, 2024
XML External Entity (XXE) in Django Moderate
CVE-2013-1665 was published for Django (pip) May 17, 2022
MarkLee131
Credited to MarkLee131
XML Entity Expansion (XEE) in Django Moderate
CVE-2013-1664 was published for Django (pip) May 17, 2022
MarkLee131
Credited to MarkLee131
An information disclosure vulnerability exists in Progress Telerik Report Server, version 2024 Q1... Moderate Unreviewed
CVE-2024-4357 was published May 15, 2024
Microsoft SharePoint Server Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-30043 was published May 14, 2024
The Spreadsheet::ParseXLSX package before 0.30 for Perl allows XXE attacks because it neglects to... Moderate Unreviewed
CVE-2024-23525 was published Jan 18, 2024
codehaus-plexus vulnerable to XML injection Moderate
CVE-2022-4245 was published for org.codehaus.plexus:plexus-utils (Maven) Sep 25, 2023
Voltronic Power ViewPower Pro doDocument XML External Entity Processing Information Disclosure... Moderate Unreviewed
CVE-2023-51591 was published May 3, 2024
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure... Moderate Unreviewed
CVE-2023-51605 was published May 3, 2024
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure... Moderate Unreviewed
CVE-2023-51600 was published May 3, 2024
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure... Moderate Unreviewed
CVE-2023-51601 was published May 3, 2024
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure... Moderate Unreviewed
CVE-2023-51602 was published May 3, 2024
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure... Moderate Unreviewed
CVE-2023-51604 was published May 3, 2024
Visualware MyConnection Server doIForward XML External Entity Processing Information Disclosure... Moderate Unreviewed
CVE-2023-42035 was published May 3, 2024
Inductive Automation Ignition SimpleXMLReader XML External Entity Processing Information... Moderate Unreviewed
CVE-2023-39472 was published May 3, 2024
Apache Zeppelin SAP: connecting to a malicious SAP server allowed it to perform XXE Moderate
CVE-2022-47894 was published for org.apache.zeppelin:sap (Maven) Apr 9, 2024
SilverStripe XXE Vulnerability in CSSContentParser Moderate
CVE-2020-25817 was published for silverstripe/framework (Composer) May 24, 2022
Improper Restriction of XML External Entity Reference in Apache POI Moderate
CVE-2014-3529 was published for org.apache.poi:poi (Maven) May 17, 2022
MarkLee131
Credited to MarkLee131
The Foundry Magritte plugin rest-source was found to be vulnerable to an an XML external Entity... Moderate Unreviewed
CVE-2023-30951 was published Aug 4, 2023
Zoho ManageEngine ADManager Plus before 7183 allows admin users to exploit an XXE issue to view... Moderate Unreviewed
CVE-2023-35786 was published Jul 5, 2023
Dell Unity prior to 5.3 contains an XML External Entity injection vulnerability. An XXE attack... Moderate Unreviewed
CVE-2023-43067 was published Oct 23, 2023
FD Application Apr. 2022 Edition (Version 9.01) and earlier improperly restricts XML external... Moderate Unreviewed
CVE-2023-42132 was published Oct 2, 2023
Applicant Programme Ver.7.06 and earlier improperly restricts XML external entity references (XXE... Moderate Unreviewed
CVE-2023-32639 was published Jul 25, 2023
XBRL data create application version 7.0 and earlier improperly restricts XML external entity... Moderate Unreviewed
CVE-2023-32635 was published Jul 19, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database