Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,801
Erlang
36
GitHub Actions
29
Go
2,380
Maven
5,000+
npm
4,010
NuGet
720
pip
3,810
Pub
12
RubyGems
930
Rust
986
Swift
38
Unreviewed advisories
All unreviewed
5,000+

498 advisories

Loading
IBM FileNet Workplace 4.0.2 before 4.0.2.14 LA012 allows remote authenticated users to read... High Unreviewed
CVE-2016-3055 was published May 17, 2022
VISAM VBASE version 11.6.0.6 processes an XML document that can contain XML entities with URIs... High Unreviewed
CVE-2021-42537 was published Jul 28, 2022
Access to external entities when parsing XML documents can lead to XML external entity (XXE)... High Unreviewed
CVE-2022-2414 was published Jul 30, 2022
An attacker can force the victim’s device to perform arbitrary HTTP requests in WAN through a... High Unreviewed
CVE-2022-27873 was published Jul 30, 2022
Apache SOAP's RPCRouterServlet allows reading of arbitrary files over HTTP High
CVE-2022-40705 was published for soap:soap (Maven) Sep 23, 2022
An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The... High Unreviewed
CVE-2022-42301 was published Oct 4, 2022
IBM Sterling Partner Engagement Manager 6.1 is vulnerable to an XML External Entity Injection ... High Unreviewed
CVE-2022-34348 was published Sep 25, 2022
Cisco Prime Home 5.2.0 allows remote attackers to read arbitrary files via an XML document... High Unreviewed
CVE-2016-6408 was published May 17, 2022
Improper Restriction of XML External Entity Reference in DiffPlug Spotless High
CVE-2019-9843 was published for com.diffplug.spotless:spotless-maven-plugin (Maven) Jul 5, 2019
XML External Entity injection in Apache Camel High
CVE-2019-0188 was published for org.apache.camel:camel-core (Maven) May 29, 2019
XXE vulnerability in Jenkins WebSphere Deployer Plugin High
CVE-2020-2108 was published for org.jenkins-ci.plugins:websphere-deployer (Maven) May 24, 2022
NotMyFault
XML External Entity Reference in Jenkins Storable Configs Plugin High
CVE-2022-30971 was published for org.jvnet.hudson.plugins:storable-configs-plugin (Maven) May 18, 2022
NotMyFault
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2 is vulnerable to an XML External... High Unreviewed
CVE-2019-4513 was published May 24, 2022
IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, and 19.0.0.2 is... High Unreviewed
CVE-2019-4424 was published May 24, 2022
IBM Security Guardium Big Data Intelligence 4.0 (SonarG) is vulnerable to an XML External Entity... High Unreviewed
CVE-2019-4340 was published May 24, 2022
IBM InfoSphere Global Name Management 5.0 and 6.0 and IBM InfoSphere Identity Insight 8.1 and 9.0... High Unreviewed
CVE-2019-4433 was published May 24, 2022
An XML External Entity (XXE) processing vulnerability was reported in Lenovo XClarity... High Unreviewed
CVE-2019-6179 was published May 24, 2022
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to an XML External Entity Injection... High Unreviewed
CVE-2022-36773 was published Sep 2, 2022
A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter... High Unreviewed
CVE-2022-29801 was published May 21, 2022
XML External Entity Reference in Jenkins Recipe Plugin High
CVE-2022-34793 was published for org.jenkins-ci.plugins:recipe (Maven) Jul 1, 2022
NotMyFault
Jenkins Plot Plugin XML External Entity Reference vulnerability High
CVE-2022-46682 was published for org.jenkins-ci.plugins:plot (Maven) Dec 12, 2022
Out-of-Band XML External Entity (OOB-XXE) vulnerability in Zoho ManageEngine Analytics Plus... High Unreviewed
CVE-2020-21641 was published Aug 16, 2022
IBM Sterling B2B Integrator Standard Edition 5.2.0 snf 6.0.0.0 is vulnerable to an XML External... High Unreviewed
CVE-2019-4043 was published May 13, 2022
XXE vulnerability in Jenkins Valgrind Plugin High
CVE-2020-2245 was published for org.jenkins-ci.plugins:valgrind (Maven) May 24, 2022
NotMyFault
XXE vulnerability in Jenkins Klocwork Analysis Plugin High
CVE-2020-2247 was published for org.jenkins-ci.plugins:klocwork (Maven) May 24, 2022
NotMyFault
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database