Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

160 advisories

Loading
The DOM XML parser and SAX XML parser components of TIBCO Software Inc.'s TIBCO Managed File... Critical Unreviewed
CVE-2022-22774 was published May 11, 2022
OpenPNE 3 versions 3.8.7, 3.6.11, 3.4.21.1, 3.2.7.6, 3.0.8.5 has an External Entity Injection... Critical Unreviewed
CVE-2013-4333 was published May 5, 2022
Solar appScreener through 3.10.4, when a valid license is not present, allows XXE and SSRF... Critical Unreviewed
CVE-2022-24449 was published Apr 29, 2022
Zoho ManageEngine ADAudit Plus before 7060 is vulnerable to an unauthenticated XXE attack that... Critical Unreviewed
CVE-2022-28219 was published Apr 6, 2022
Signiant - Manager+Agents XML External Entity (XXE) - Extract internal files of the affected... Critical Unreviewed
CVE-2022-22795 was published Mar 11, 2022
In JetBrains TeamCity before 2021.2.1, XXE during the parsing of the configuration file was... Critical Unreviewed
CVE-2022-24340 was published Feb 26, 2022
Signiant Manager+Agents before 15.1 allows XML External Entity (XXE) attacks. Critical Unreviewed
CVE-2021-46660 was published Jan 31, 2022
AEM Forms Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by an XML... Critical Unreviewed
CVE-2021-40722 was published Jan 14, 2022
National Library of the Netherlands multiNER <= c0440948057afc6e3d6b4903a7c05e666b94a3bc is... Critical Unreviewed
CVE-2021-44557 was published Dec 9, 2021
National Library of the Netherlands digger < 6697d1269d981e35e11f240725b16401b5ce3db5 is affected... Critical Unreviewed
CVE-2021-44556 was published Dec 9, 2021
ProTip! Advisories are also available from the GraphQL API