Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,662
Maven
5,000+
npm
4,289
NuGet
760
pip
4,069
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

279 advisories

Loading
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External Entity Injection ... Moderate Unreviewed
CVE-2024-45072 was published Oct 16, 2024
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application... Moderate Unreviewed
CVE-2024-4184 was published Oct 16, 2024
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application... Moderate Unreviewed
CVE-2024-4189 was published Oct 16, 2024
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application... Moderate Unreviewed
CVE-2024-4690 was published Oct 16, 2024
When the XML is read from the codes in the PDF and parsed using a DocumentBuilder, the default... Moderate Unreviewed
CVE-2024-8602 was published Oct 14, 2024
TopQuadrant TopBraid EDG before version 8.0.1 allows an authenticated attacker to upload an XML... Moderate Unreviewed
CVE-2024-45745 was published Sep 27, 2024
In versions of Akana API Platform prior to 2024.1.0 a flaw resulting in XML External Entity (XXE)... Moderate Unreviewed
CVE-2024-3930 was published Jul 30, 2024
Laravel v11.x was discovered to contain an XML External Entity (XXE) vulnerability. Moderate Unreviewed
CVE-2024-40075 was published Jul 22, 2024
Improper Restriction of XML External Entity Reference vulnerability in PruvaSoft Informatics... Moderate Unreviewed
CVE-2024-5625 was published Jul 18, 2024
An information disclosure vulnerability exists in Progress Telerik Report Server, version 2024 Q1... Moderate Unreviewed
CVE-2024-4357 was published May 15, 2024
Microsoft SharePoint Server Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-30043 was published May 14, 2024
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure... Moderate Unreviewed
CVE-2023-51602 was published May 3, 2024
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure... Moderate Unreviewed
CVE-2023-51605 was published May 3, 2024
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure... Moderate Unreviewed
CVE-2023-51601 was published May 3, 2024
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure... Moderate Unreviewed
CVE-2023-51604 was published May 3, 2024
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure... Moderate Unreviewed
CVE-2023-51600 was published May 3, 2024
Voltronic Power ViewPower Pro doDocument XML External Entity Processing Information Disclosure... Moderate Unreviewed
CVE-2023-51591 was published May 3, 2024
Visualware MyConnection Server doIForward XML External Entity Processing Information Disclosure... Moderate Unreviewed
CVE-2023-42035 was published May 3, 2024
Inductive Automation Ignition SimpleXMLReader XML External Entity Processing Information... Moderate Unreviewed
CVE-2023-39472 was published May 3, 2024
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business... Moderate Unreviewed
CVE-2024-21048 was published Apr 17, 2024
An XML external entity (XXE) vulnerability was found in Stilog Visual Planning 8. It allows an... Moderate Unreviewed
CVE-2023-49234 was published Mar 29, 2024
Dell PowerProtect Data Manager, version 19.15, contains an XML External Entity Injection... Moderate Unreviewed
CVE-2024-25971 was published Mar 28, 2024
In JetBrains TeamCity before 2024.03 xXE was possible in the Maven build steps detector Moderate Unreviewed
CVE-2024-31139 was published Mar 28, 2024
A vulnerability classified as problematic was found in lakernote EasyAdmin up to 20240315. This... Moderate Unreviewed
CVE-2024-2826 was published Mar 22, 2024
Improper restriction of XML external entity references vulnerability exists in FitNesse all... Moderate Unreviewed
CVE-2024-28039 was published Mar 18, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database