Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,084
Maven
5,000+
npm
3,747
NuGet
674
pip
3,436
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

470 advisories

Loading
Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a xml external entity injection... High Unreviewed
CVE-2019-8087 was published May 24, 2022
Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a xml external entity injection... High Unreviewed
CVE-2019-8086 was published May 24, 2022
Adobe Experience Manager versions 6.4, 6.3 and 6.2 have a xml external entity injection... High Unreviewed
CVE-2019-8082 was published May 24, 2022
XML Language Server (aka lsp4xml) before 0.9.1, as used in Red Hat XML Language Support (aka... High Unreviewed
CVE-2019-18213 was published May 24, 2022
XML external entity (XXE) vulnerability in Episerver 7 patch 4 and earlier allows remote... High Unreviewed
CVE-2017-17762 was published May 24, 2022
A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser... High Unreviewed
CVE-2019-1060 was published May 24, 2022
HCL AppScan Source before 9.03.13 is susceptible to XML External Entity (XXE) attacks in multiple... High Unreviewed
CVE-2019-16188 was published May 24, 2022
An XML injection vulnerability was found in Limesurvey before 3.17.14 that allows remote... High Unreviewed
CVE-2019-16174 was published May 24, 2022
Citrix StoreFront Server before 1903, 7.15 LTSR before CU4 (3.12.4000), and 7.6 LTSR before CU8 ... High Unreviewed
CVE-2019-13608 was published May 24, 2022
Numerous Tableau products are vulnerable to XXE via a malicious workbook, extension, or data... High Unreviewed
CVE-2019-15637 was published May 24, 2022
The XML-RPC subsystem in Zenoss 2.5.3 allows XXE attacks that lead to unauthenticated information... High Unreviewed
CVE-2019-14258 was published May 24, 2022
A denial of service vulnerability exists when the XmlLite runtime (XmlLite.dll) improperly parses... High Unreviewed
CVE-2019-1187 was published May 24, 2022
Zoho ManageEngine AssetExplorer 6.2.0 is vulnerable to an XML External Entity Injection (XXE)... High Unreviewed
CVE-2019-14693 was published May 24, 2022
An issue was discovered in the 3CX Phone system (web) management console 12.5.44178.1002 through... High Unreviewed
CVE-2019-13176 was published May 24, 2022
The Transition Technologies "The Scheduler" app 5.1.3 for Jira allows XXE due to a weakly... High Unreviewed
CVE-2018-14383 was published May 24, 2022
An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. With a valid administrator... High Unreviewed
CVE-2019-10264 was published May 24, 2022
An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. When sending an out-of... High Unreviewed
CVE-2019-10266 was published May 24, 2022
Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Improper Restriction of... High Unreviewed
CVE-2019-7847 was published May 24, 2022
lib/DocumentToText.php in OpenCats before 0.9.4-3 has XXE that allows remote users to read files... High Unreviewed
CVE-2019-13358 was published May 24, 2022
LemonLDAP::NG before 1.9.20 has an XML External Entity (XXE) issue when submitting a notification... High Unreviewed
CVE-2019-13031 was published May 24, 2022
In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of... High Unreviewed
CVE-2018-20843 was published May 24, 2022
BlogEngine.NET 3.3.7 and earlier allows XXE via an apml file to syndication.axd. High Unreviewed
CVE-2019-11392 was published May 24, 2022
BlogEngine.NET 3.3.7.0 and earlier allows XML External Entity Blind Injection, related to... High Unreviewed
CVE-2019-10718 was published May 24, 2022
Dell EMC OpenManage Server Administrator (OMSA) versions prior to 9.1.0.3 and prior to 9.2.0.4... High Unreviewed
CVE-2019-3722 was published May 24, 2022
An XML External Entity vulnerability in the UEM Core of BlackBerry UEM version(s) earlier than 12... High Unreviewed
CVE-2019-8999 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database