Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,048 advisories

Loading
Signiant Manager+Agents before 15.1 allows XML External Entity (XXE) attacks. Critical Unreviewed
CVE-2021-46660 was published Jan 31, 2022
Improper Restriction of XML External Entity Reference High
CVE-2020-13692 was published for org.postgresql:postgresql (Maven) Feb 10, 2022
SunBK201
Improper restriction of XML external entity for Intel(R) Quartus(R) Prime Pro Edition before... High Unreviewed
CVE-2022-21220 was published Feb 11, 2022
Improper restriction of XML external entity reference in DSP Builder Pro for Intel(R) Quartus(R)... High Unreviewed
CVE-2022-21205 was published Feb 11, 2022
Improper Restriction of XML External Entity Reference in Magnolia CMS High
CVE-2021-46365 was published for info.magnolia:magnolia-core (Maven) Feb 12, 2022
Improper Restriction of XML External Entity Reference in Jenkins Chef Sinatra High
CVE-2022-25209 was published for org.jenkins-ci.plugins:sinatra-chef-builder (Maven) Feb 16, 2022
NotMyFault
A local, authenticated attacker could use an XML External Entity (XXE) attack to exploit weakly... High Unreviewed
CVE-2020-14478 was published Feb 25, 2022
In JetBrains TeamCity before 2021.2.1, XXE during the parsing of the configuration file was... Critical Unreviewed
CVE-2022-24340 was published Feb 26, 2022
Improper Restriction of XML External Entity Reference in com.monitorjbl:xlsx-streamer Critical
CVE-2022-23640 was published for com.monitorjbl:xlsx-streamer (Maven) Mar 2, 2022
pjfanning
XML External Entity Reference in Hazelcast Critical
CVE-2022-0265 was published for com.hazelcast:hazelcast (Maven) Mar 4, 2022
aiannucci
Improper Restriction of XML External Entity Reference in Liquibase Critical
CVE-2022-0839 was published for org.liquibase:liquibase-core (Maven) Mar 5, 2022
Improper Restriction of XML External Entity Reference in Any23 Critical
CVE-2022-25312 was published for org.apache.any23:apache-any23 (Maven) Mar 6, 2022
Improper Restriction of XML External Entity Reference in trytond and proteus Moderate
CVE-2022-26661 was published for proteus (pip) Mar 11, 2022
An issue was discovered in OverIT Geocall before version 8.0. An authenticated user who has the... Moderate Unreviewed
CVE-2022-22835 was published Mar 11, 2022
Signiant - Manager+Agents XML External Entity (XXE) - Extract internal files of the affected... Critical Unreviewed
CVE-2022-22795 was published Mar 11, 2022
Agent-to-controller security bypass in Jenkins Semantic Versioning Plugin High
CVE-2022-27201 was published for org.jenkins-ci.plugins:semantic-versioning-plugin (Maven) Mar 16, 2022
NotMyFault
XML External Entities Vulnerability in CVRF-CSAF-Converter Moderate
CVE-2022-27193 was published for cvrf2csaf (pip) Mar 16, 2022
XML external entity (XXE) injection in Apache Nutch Critical
CVE-2021-23901 was published for org.apache.nutch:nutch (Maven) Mar 18, 2022
XML external entity (XXE) attacks in Jenkins Xcode integration Plugin High
CVE-2021-21656 was published for org.jenkins-ci.plugins:xcode-plugin (Maven) Mar 18, 2022
The wechat_return function in /controller/Index.php of EyouCms V1.5.4-UTF8-SP3 passes the user's... High Unreviewed
CVE-2021-42194 was published Mar 22, 2022
A XML Extended entity vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10... Moderate Unreviewed
CVE-2022-0861 was published Mar 24, 2022
GE Gas Power ToolBoxST Version v04.07.05C suffers from an XML external entity (XXE) vulnerability... High Unreviewed
CVE-2021-44477 was published Mar 26, 2022
Improper Restriction of XML External Entity Reference in soa-model Critical
CVE-2021-43090 was published for com.predic8:soa-model-core (Maven) Mar 26, 2022
enkins Coverage/Complexity Scatter Plot Plugin XML External Entity Reference vulnerability High
CVE-2022-28154 was published for org.jenkins-ci.plugins:covcomplplot (Maven) Mar 30, 2022
XXE vulnerability in Jenkins Flaky Test Handler Plugin High
CVE-2022-28140 was published for org.jenkins-ci.plugins:flaky-test-handler (Maven) Mar 30, 2022
westonsteimel
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database