GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
497 advisories
Improper Restriction of XML External Entity Reference in Jenkins Chef Sinatra
High | CVE-2022-25209 was published for org.jenkins-ci.plugins:sinatra-chef-builder (Maven) Feb 16, 2022

Improper Restriction of XML External Entity Reference in Magnolia CMS
High | CVE-2021-46365 was published for info.magnolia:magnolia-core (Maven) Feb 12, 2022

IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 is vulnerable to an XML External Entity...
High | Unreviewed | CVE-2020-4876 was published Jan 22, 2022

IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 is vulnerable to an XML External Entity...
High | Unreviewed | CVE-2020-4875 was published Jan 22, 2022

An issue was discovered in CALDERA 2.9.0. The Debrief plugin receives base64 encoded "SVG"...
High | Unreviewed | CVE-2021-42560 was published Jan 13, 2022

Multiple XML external entity (XXE) vulnerabilities in the OpenText Documentum Administrator 7.2...
High | Unreviewed | CVE-2017-14526 was published May 17, 2022

IBM Business Process Manager 7.5, 8.0, and 8.5 is vulnerable to a XML External Entity Injection ...
High | Unreviewed | CVE-2017-1527 was published May 17, 2022

An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21...
High | Unreviewed | CVE-2017-12069 was published May 17, 2022

Multiple XML external entity (XXE) vulnerabilities in the OpenText Documentum Webtop 6.8.0160...
High | Unreviewed | CVE-2017-14527 was published May 17, 2022

IBM SDK, Java Technology Edition is vulnerable XML External Entity Injection (XXE) error when...
High | Unreviewed | CVE-2017-1289 was published May 14, 2022

Commsy version 9.0.0 is vulnerable to XXE attacks in the configuration import functionality...
High | Unreviewed | CVE-2017-1000496 was published May 14, 2022

IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 is vulnerable to a XML External Entity...
High | Unreviewed | CVE-2017-1666 was published May 14, 2022

IBM Sterling B2B Integrator 5.2 is vulnerable to an XML External Entity Injection (XXE) attack...
High | Unreviewed | CVE-2017-1192 was published May 14, 2022

IBM Content Navigator 2.0 and 3.0 is vulnerable to a XML External Entity Injection (XXE) attack...
High | Unreviewed | CVE-2018-1364 was published May 14, 2022

IBM Financial Transaction Manager for ACH Services for Multi-Platform (IBM Control Center 6.0 and...
High | Unreviewed | CVE-2017-1758 was published May 14, 2022

textpattern version version 4.6.2 contains a XML Injection vulnerability in Import XML feature...
High | Unreviewed | CVE-2018-1000090 was published May 14, 2022

An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x...
High | Unreviewed | CVE-2018-5789 was published May 14, 2022

Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49, 7.53,...
High | Unreviewed | CVE-2018-2392 was published May 14, 2022

Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49, 7.53,...
High | Unreviewed | CVE-2018-2393 was published May 14, 2022

Eclipse XML parser for the Eclipse IDE versions 2017.2.5 and earlier was found vulnerable to an...
High | Unreviewed | CVE-2017-8315 was published May 14, 2022

The Symantec Management Console prior to ITMS 8.1 RU1, ITMS 8.0_POST_HF6, and ITMS 7.6_POST_HF7...
High | Unreviewed | CVE-2017-6323 was published May 14, 2022

RSA Authentication Manager Security Console, version 8.3 and earlier, contains a XML External...
High | Unreviewed | CVE-2018-1247 was published May 14, 2022

Multiple XML external entity (XXE) vulnerabilities in (1) CQWeb / CM Server, (2) ClearQuest...
High | Unreviewed | CVE-2014-0950 was published May 14, 2022

IBM Rhapsody DM 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to a XML External Entity...
High | Unreviewed | CVE-2018-1456 was published May 14, 2022