Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,778
Erlang
36
GitHub Actions
29
Go
2,336
Maven
5,000+
npm
3,969
NuGet
713
pip
3,767
Pub
12
RubyGems
923
Rust
976
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

764 advisories

Loading
An issue found in NetScout nGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code... Critical Unreviewed
CVE-2023-26999 was published Jan 9, 2024
Keyoti SearchUnit prior to 9.0.0. is vulnerable to XML External Entity (XXE). An attacker who can... High Unreviewed
CVE-2025-44044 was published Jun 10, 2025
Improper Restriction of XML External Entity Reference vulnerability in pixelgrade Category Icon... Critical Unreviewed
CVE-2025-31039 was published Jun 9, 2025
A vulnerability, which was classified as problematic, has been found in ywoa up to 2024.07.03.... Moderate Unreviewed
CVE-2025-1225 was published Feb 12, 2025
Electronic Delivery Check System (Ministry of Agriculture, Forestry and Fisheries The Agriculture... Moderate Unreviewed
CVE-2024-22380 was published Jan 24, 2024
An issue was discovered in Independentsoft JWord before 1.1.110. The API is prone to XML external... Critical Unreviewed
CVE-2023-28152 was published Mar 24, 2023
An issue was discovered in Independentsoft JODF before 1.1.110. The API is prone to XML external... Critical Unreviewed
CVE-2023-28150 was published Mar 25, 2023
An issue was discovered in Independentsoft JSpreadsheet before 1.1.110. The API is prone to XML... Critical Unreviewed
CVE-2023-28151 was published Mar 24, 2023
Lantronix Device installer is vulnerable to XML external entity (XXE) attacks in configuration... Moderate Unreviewed
CVE-2025-4338 was published May 23, 2025
An information disclosure vulnerability exists in the Windows Event Viewer (eventvwr.msc) when it... Moderate Unreviewed
CVE-2019-0948 was published May 24, 2022
XXE vulnerability in Hitachi JP1/IT Desktop Management 2 - Smart Device Manager on Windows.This... High Unreviewed
CVE-2025-27523 was published May 15, 2025
CWE-611 Improper Restriction of XML External Entity Reference in the getDocumentBuilder() method... High Unreviewed
CVE-2025-4639 was published May 14, 2025
A vulnerability has been identified in Polarion V2310 (All versions), Polarion V2404 (All... High Unreviewed
CVE-2024-51445 was published May 13, 2025
The Live Auction Cockpit in SAP Supplier Relationship Management (SRM) allows an unauthenticated... High Unreviewed
CVE-2025-30018 was published May 13, 2025
SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE)... Critical Unreviewed
CVE-2025-2776 was published May 7, 2025
SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE)... Critical Unreviewed
CVE-2025-2777 was published May 7, 2025
SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE)... Critical Unreviewed
CVE-2025-2775 was published May 7, 2025
Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper... High Unreviewed
CVE-2025-22478 was published May 6, 2025
Improper restriction of XML external entity reference in DSP Builder Pro for Intel(R) Quartus(R)... High Unreviewed
CVE-2022-21205 was published Feb 11, 2022
Improper restriction of XML external entity for Intel(R) Quartus(R) Prime Pro Edition before... High Unreviewed
CVE-2022-21220 was published Feb 11, 2022
CBRN-Analysis before 22 allows XXE attacks via am mws XML document, leading to NTLMv2-SSP hash... Moderate Unreviewed
CVE-2022-45194 was published Nov 12, 2022
An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can... High Unreviewed
CVE-2022-40304 was published Nov 23, 2022
GFI MailEssentials prior to version 21.8 is vulnerable to an XML External Entity (XXE) issue. An... Moderate Unreviewed
CVE-2025-34490 was published Apr 28, 2025
An improper XML parsing vulnerability was reported in the FileZ client that could allow arbitrary... Moderate Unreviewed
CVE-2025-2070 was published Apr 25, 2025
XML external entity (XXE) vulnerability in the Java XML processing functionality in Play before 2... Critical Unreviewed
CVE-2014-3630 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database