Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,963
Erlang
39
GitHub Actions
38
Go
2,615
Maven
5,000+
npm
4,255
NuGet
760
pip
4,036
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

279 advisories

Loading
Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper... Moderate Unreviewed
CVE-2025-46425 was published Oct 24, 2025
In Splunk Enterprise versions below 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versions... Moderate Unreviewed
CVE-2025-20369 was published Oct 1, 2025
A vulnerability was identified in Bjskzy Zhiyou ERP up to 11.0. Affected by this vulnerability is... Moderate Unreviewed
CVE-2025-11140 was published Sep 29, 2025
A vulnerability was determined in Jinher OA 2.0. The impacted element is an unknown function of... Moderate Unreviewed
CVE-2025-11035 was published Sep 26, 2025
A security flaw has been discovered in Jinher OA 2.0. This affects an unknown part of the file ... Moderate Unreviewed
CVE-2025-10816 was published Sep 23, 2025
A vulnerability was found in Jinher OA up to 1.2. This impacts an unknown function of the file ... Moderate Unreviewed
CVE-2025-10092 was published Sep 8, 2025
A vulnerability has been found in Jinher OA up to 1.2. This affects an unknown function of the... Moderate Unreviewed
CVE-2025-10091 was published Sep 8, 2025
Delta Electronics EIP Builder version 1.11 is vulnerable to a File Parsing XML External Entity... Moderate Unreviewed
CVE-2025-57704 was published Aug 26, 2025
Dell CloudLink, versions 8.0 through 8.1.1, contains an Improper Restriction of XML External... Moderate Unreviewed
CVE-2025-26484 was published Aug 14, 2025
A vulnerability has been identified in SIMOTION SCOUT TIA V5.4 (All versions), SIMOTION SCOUT TIA... Moderate Unreviewed
CVE-2025-40584 was published Aug 12, 2025
Dell SmartFabric OS10 Software, versions prior to 10.6.0.5, contains an Improper Restriction of... Moderate Unreviewed
CVE-2025-36608 was published Jul 30, 2025
SolarWinds Web Help Desk was reported to be affected by an XML External Entity Injection (XXE)... Moderate Unreviewed
CVE-2025-26400 was published Jul 29, 2025
An XML External Entity (XXE) injection vulnerability exists in ETQ Reliance on the CG (legacy)... Moderate Unreviewed
CVE-2025-34142 was published Jul 22, 2025
Dell AppSync, version(s) 4.6.0.0, contains an Improper Restriction of XML External Entity... Moderate Unreviewed
CVE-2025-36603 was published Jul 21, 2025
A vulnerability was found in Jinher OA 1.1. It has been rated as problematic. This issue affects... Moderate Unreviewed
CVE-2025-7824 was published Jul 19, 2025
agorum Software GmbH Agorum core open v11.9.2 & v11.10.1 was discovered to contain an XML... Moderate Unreviewed
CVE-2025-52162 was published Jul 18, 2025
CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could... Moderate Unreviewed
CVE-2025-6438 was published Jul 11, 2025
ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by an Improper Restriction... Moderate Unreviewed
CVE-2025-49544 was published Jul 8, 2025
ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by an Improper Restriction... Moderate Unreviewed
CVE-2025-49539 was published Jul 8, 2025
Akamai CloudTest before 60 2025.06.02 (12988) allows file inclusion via XML External Entity (XXE)... Moderate Unreviewed
CVE-2025-49493 was published Jun 30, 2025
Lantronix Device installer is vulnerable to XML external entity (XXE) attacks in configuration... Moderate Unreviewed
CVE-2025-4338 was published May 23, 2025
GFI MailEssentials prior to version 21.8 is vulnerable to an XML External Entity (XXE) issue. An... Moderate Unreviewed
CVE-2025-34490 was published Apr 28, 2025
An improper XML parsing vulnerability was reported in the FileZ client that could allow arbitrary... Moderate Unreviewed
CVE-2025-2070 was published Apr 25, 2025
Overview   XML documents optionally contain a Document Type Definition (DTD), which, among... Moderate Unreviewed
CVE-2025-24911 was published Apr 17, 2025
Overview   XML documents optionally contain a Document Type Definition (DTD), which, among... Moderate Unreviewed
CVE-2025-24910 was published Apr 17, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database