GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,717
Maven: 5,000+
npm: 4,328
NuGet: 761
pip: 4,105
Pub: 12
RubyGems: 958
Rust: 1,065
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
280 advisories
Improper restriction of XML external entity references vulnerability exists in FitNesse all...
Moderate
Unreviewed
CVE-2024-28039
was published
Mar 18, 2024
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 is vulnerable to an...
Moderate
Unreviewed
CVE-2023-25926
was published
Feb 29, 2024
The XML parser in Magic xpi Integration Platform 4.13.4 allows XXE attacks, e.g., via onItemImport.
Moderate
Unreviewed
CVE-2023-52239
was published
Feb 6, 2024
When SEW-EURODRIVE MOVITOOLS MotionStudio processes XML information unrestricted file access can...
Moderate
Unreviewed
CVE-2024-1167
was published
Feb 1, 2024
Improper Restriction of XML External Entity Reference vulnerability in OpenText AppBuilder on...
Moderate
Unreviewed
CVE-2023-4554
was published
Jan 29, 2024
Electronic Delivery Check System (Ministry of Agriculture, Forestry and Fisheries The Agriculture...
Moderate
Unreviewed
CVE-2024-22380
was published
Jan 24, 2024
Electronic Delivery Check System (Doboku) Ver.18.1.0 and earlier, Electronic Delivery Check...
Moderate
Unreviewed
CVE-2024-21765
was published
Jan 24, 2024
Electronic Deliverables Creation Support Tool (Construction Edition) prior to Ver1.0.4 and...
Moderate
Unreviewed
CVE-2024-21796
was published
Jan 24, 2024
The Spreadsheet::ParseXLSX package before 0.30 for Perl allows XXE attacks because it neglects to...
Moderate
Unreviewed
CVE-2024-23525
was published
Jan 18, 2024
An unauthenticated could abuse a XXE vulnerability in the Smart Device Server to leak data or...
Moderate
Unreviewed
CVE-2023-46265
was published
Dec 19, 2023
An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in...
Moderate
Unreviewed
CVE-2023-5136
was published
Nov 8, 2023
e-Tax software Version3.0.10 and earlier improperly restricts XML external entity references (XXE...
Moderate
Unreviewed
CVE-2023-46802
was published
Nov 6, 2023
An issue was discovered in VERMEG AgileReporter 21.3. XXE can occur via an XML document to the...
Moderate
Unreviewed
CVE-2022-34832
was published
Oct 27, 2023
Dell Unity prior to 5.3 contains an XML External Entity injection vulnerability. An XXE attack...
Moderate
Unreviewed
CVE-2023-43067
was published
Oct 23, 2023
CX-Designer Ver.3.740 and earlier (included in CX-One CXONE-AL[][]D-V4) contains an improper...
Moderate
Unreviewed
CVE-2023-43624
was published
Oct 23, 2023
SAP Business One (B1i) - version 10.0, allows an authorized attacker to retrieve the details...
Moderate
Unreviewed
CVE-2023-41365
was published
Oct 10, 2023
FD Application Apr. 2022 Edition (Version 9.01) and earlier improperly restricts XML external...
Moderate
Unreviewed
CVE-2023-42132
was published
Oct 2, 2023
A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated,...
Moderate
Unreviewed
CVE-2020-26064
was published
Aug 4, 2023
The Foundry Magritte plugin rest-source was found to be vulnerable to an XML external Entity...
Moderate
Unreviewed
CVE-2023-30951
was published
Aug 4, 2023
Applicant Programme Ver.7.06 and earlier improperly restricts XML external entity references (XXE...
Moderate
Unreviewed
CVE-2023-32639
was published
Jul 25, 2023
XBRL data create application version 7.0 and earlier improperly restricts XML external entity...
Moderate
Unreviewed
CVE-2023-32635
was published
Jul 19, 2023
A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could...
Moderate
Unreviewed
CVE-2023-37200
was published
Jul 12, 2023
A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could...
Moderate
Unreviewed
CVE-2023-2161
was published
Jul 6, 2023
Zoho ManageEngine ADManager Plus before 7183 allows admin users to exploit an XXE issue to view...
Moderate
Unreviewed
CVE-2023-35786
was published
Jul 5, 2023
Improper restriction of XML external entity reference (XXE) vulnerability exists in FRENIC RHC...
Moderate
Unreviewed
CVE-2023-29498
was published
Jun 13, 2023