GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,562
Composer 4,198
Erlang 31
GitHub Actions 19
Go 1,986
Maven 5,163
npm 3,702
NuGet 660
pip 3,328
Pub 11
RubyGems 883
Rust 843
Swift 36

Unreviewed advisories

All unreviewed 233,910

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

702 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability classified as problematic was found in Weaver e-cology up to 9.0. Affected by... Moderate Unreviewed

CVE-2023-2806 was published May 19, 2023

Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine ... Moderate Unreviewed

CVE-2023-20174 was published May 18, 2023

Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine ... Moderate Unreviewed

CVE-2023-20173 was published May 18, 2023

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External Entity Injection ... Critical Unreviewed

CVE-2023-27554 was published May 11, 2023

Shinseiyo Sogo Soft (7.9A) and earlier improperly restricts XML external entity references (XXE).... High Unreviewed

CVE-2023-27527 was published May 10, 2023

Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user... Moderate Unreviewed

CVE-2022-45876 was published Apr 27, 2023

Zoho ManageEngine ServiceDesk Plus through 14104 allows admin users to conduct an XXE attack. Moderate Unreviewed

CVE-2023-29443 was published Apr 26, 2023

HCL Workload Automation 9.4, 9.5, and 10.1 are vulnerable to an XML External Entity Injection ... High Unreviewed

CVE-2023-28008 was published Apr 26, 2023

HCL Workload Automation is vulnerable to an XML External Entity Injection (XXE) attack when... High Unreviewed

CVE-2023-28009 was published Apr 26, 2023

An XXE issue was discovered in Nokia NetAct before 22 FP2211 via an XML document to the... Moderate Unreviewed

CVE-2023-26057 was published Apr 25, 2023

An XXE issue was discovered in Nokia NetAct before 22 FP2211 via an XML document to a Performance... Moderate Unreviewed

CVE-2023-26058 was published Apr 25, 2023

All versions of Talend Data Catalog before 8.0-20230110 are potentially vulnerable to XML... Moderate Unreviewed

CVE-2023-26263 was published Apr 13, 2023

All versions of Talend Data Catalog before 8.0-20220907 are potentially vulnerable to XML... Moderate Unreviewed

CVE-2023-26264 was published Apr 13, 2023

A vulnerability has been identified in Polarion ALM (All versions < V2304.0). The application... Moderate Unreviewed

CVE-2023-28828 was published Apr 11, 2023

National land numerical information data conversion tool all versions improperly restricts XML... Moderate Unreviewed

CVE-2023-25955 was published Apr 11, 2023

Zoho ManageEngine Applications Manager through 16320 allows the admin user to conduct an XXE attack. Moderate Unreviewed

CVE-2023-28340 was published Apr 11, 2023

IBM TRIRIGA 4.0 is vulnerable to an XML external entity injection (XXE) attack when processing... High Unreviewed

CVE-2023-27876 was published Apr 7, 2023

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)... Moderate Unreviewed

CVE-2023-20030 was published Apr 5, 2023

Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including... Moderate Unreviewed

CVE-2022-43941 was published Apr 3, 2023

A blind XML External Entity (XXE) vulnerability exists in the Add UCS Device functionality of... Moderate Unreviewed

CVE-2022-43473 was published Mar 30, 2023

This vulnerability allows remote attackers to disclose sensitive information on affected... High Unreviewed

CVE-2022-36969 was published Mar 29, 2023

An issue was discovered in Independentsoft JODF before 1.1.110. The API is prone to XML external... Critical Unreviewed

CVE-2023-28150 was published Mar 25, 2023

An issue was discovered in Independentsoft JSpreadsheet before 1.1.110. The API is prone to XML... Critical Unreviewed

CVE-2023-28151 was published Mar 24, 2023

An issue was discovered in Independentsoft JWord before 1.1.110. The API is prone to XML external... Critical Unreviewed

CVE-2023-28152 was published Mar 24, 2023

Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user... Moderate Unreviewed

CVE-2022-46300 was published Mar 22, 2023

Previous 1 2 3 4 5 6 7 … 28 29 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

702 advisories