Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,331
Erlang
31
GitHub Actions
21
Go
2,093
Maven
5,000+
npm
3,756
NuGet
678
pip
3,443
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

43 advisories

Loading
An issue was discovered in SmartClient 12.0. The Remote Procedure Call (RPC) saveFile provided by... Moderate Unreviewed
CVE-2020-9354 was published May 24, 2022
The OpenID client application in Atlassian Crowd before version 3.6.2, and from version 3.7.0... Moderate Unreviewed
CVE-2019-20104 was published May 24, 2022
Zend Framework XEE Vulnerability Moderate
CVE-2012-6531 was published for zendframework/zendframework1 (Composer) May 17, 2022
Zend Framework XEE Vulnerability Moderate
CVE-2012-6532 was published for zendframework/zendframework1 (Composer) May 17, 2022
ZendXml and Zend Framework contain XXE and XEE Vulnerabilities Moderate
CVE-2015-5161 was published for zendframework/zendframework (Composer) May 17, 2022
jabberd2 before 2.2.14 does not properly detect recursion during entity expansion, which allows... Moderate Unreviewed
CVE-2011-1755 was published May 17, 2022
Several Zend Products Vulnerable to XXE and XEE attacks Moderate
CVE-2014-2683 was published for zendframework/zendframework1 (Composer) May 14, 2022
Several Zend Products Vulnerable to XXE and XEE attacks Moderate
CVE-2014-2682 was published for zendframework/zendframework1 (Composer) May 14, 2022
Improper Restriction of Recursive Entity References in DTDs in Apache POI Moderate
CVE-2017-5644 was published for org.apache.poi:poi (Maven) May 13, 2022
Nokogiri vulnerable to DoS while parsing XML documents Moderate
CVE-2013-6460 was published for nokogiri (RubyGems) May 5, 2022
jasnow
Nokogiri vulnerable to DoS while parsing XML entities Moderate
CVE-2013-6461 was published for nokogiri (RubyGems) May 5, 2022
jasnow
The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7,... Moderate Unreviewed
CVE-2009-1955 was published May 2, 2022
libxml2 2.6.32 and earlier does not properly detect recursion during entity expansion in an... Moderate Unreviewed
CVE-2008-3281 was published May 1, 2022
IBM Cognos Analytics PowerPlay (IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7) could be... Moderate Unreviewed
CVE-2021-20464 was published Apr 23, 2022
Feedgen Vulnerable to XML Denial of Service Attacks Moderate
CVE-2020-5227 was published for feedgen (pip) Jan 28, 2020
Information disclosure through processing of external XML entities Moderate
CVE-2019-8126 was published for magento/community-edition (Composer) Nov 12, 2019
Moderate severity vulnerability that affects org.restlet.jse:org.restlet Moderate
CVE-2014-1868 was published for org.restlet.jse:org.restlet (Maven) Oct 17, 2018
Nokogiri vulnerable to libxml XML Entity Expansion Moderate
CVE-2015-1819 was published for nokogiri (RubyGems) Aug 8, 2018
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database