GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,048 advisories
Filter by severity
In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can...
Critical
Unreviewed
CVE-2024-40896
was published
Dec 23, 2024
In JetBrains TeamCity before 2024.12 insecure XMLParser configuration could lead to potential XXE...
Moderate
Unreviewed
CVE-2024-56356
was published
Dec 20, 2024
Improper Restriction of XML External Entity Reference vulnerability in OpenText™ Operations...
Moderate
Unreviewed
CVE-2021-22501
was published
Dec 19, 2024
Ucum-java has an XXE vulnerability in XML parsing
High
CVE-2024-55887
was published
for
org.fhir:ucum
(Maven)
Dec 13, 2024
http4k has a potential XXE (XML External Entity Injection) vulnerability
Critical
CVE-2024-55875
was published
for
org.http4k:http4k-format-xml
(Maven)
Dec 12, 2024
Microsoft SharePoint Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2024-49064
was published
Dec 12, 2024
Acrobat Reader versions 24.005.20307, 24.001.30213, 24.001.30193, 20.005.30730, 20.005.30710 and...
Moderate
Unreviewed
CVE-2024-49535
was published
Dec 10, 2024
A vulnerability has been identified in COMOS V10.3 (All versions < V10.3.3.5.8), COMOS V10.4.0 ...
Moderate
Unreviewed
CVE-2024-54005
was published
Dec 10, 2024
A vulnerability has been identified in COMOS V10.3 (All versions < V10.3.3.5.8), COMOS V10.4.0 ...
Moderate
Unreviewed
CVE-2024-49704
was published
Dec 10, 2024
Due to missing validation of XML input, an unauthenticated attacker could send malicious input to...
Moderate
Unreviewed
CVE-2024-47582
was published
Dec 10, 2024
unstructured XML External Entity (XXE)
Moderate
CVE-2024-46455
was published
for
unstructured
(pip)
Dec 9, 2024
SimpleSAMLphp vulnerable to XXE in parsing SAML messages
High
GHSA-j5g2-q29x-cw3h
was published
for
simplesamlphp/simplesamlphp
(Composer)
Dec 2, 2024
•
withdrawn
SimpleSAMLphp SAML2 has an XXE in parsing SAML messages
Moderate
CVE-2024-52806
was published
for
simplesamlphp/saml2
(Composer)
Dec 2, 2024
veraPDF CLI has potential XXE (XML External Entity Injection) vulnerability
Low
CVE-2024-52800
was published
for
org.verapdf:core
(Maven)
Dec 2, 2024
SimpleSAMLphp xml-common XXE vulnerability
High
CVE-2024-52596
was published
for
simplesamlphp/xml-common
(Composer)
Dec 2, 2024
A XML External Entity (XXE) vulnerability has been identified in Easy Tax Client Software 2023 1...
Moderate
Unreviewed
CVE-2024-9044
was published
Nov 29, 2024
An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow...
High
Unreviewed
CVE-2024-53674
was published
Nov 27, 2024
An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow...
High
Unreviewed
CVE-2024-53675
was published
Nov 27, 2024
An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow...
High
Unreviewed
CVE-2024-11622
was published
Nov 27, 2024
Possible XML External Entity Injection
in iManager GET parameter has been discovered in...
High
Unreviewed
CVE-2023-24466
was published
Nov 22, 2024
An XML External Entity (XXE) vulnerability in the Import object and Translation Memory import...
Moderate
Unreviewed
CVE-2024-50848
was published
Nov 18, 2024
XXE in PHPSpreadsheet's XLSX reader
High
CVE-2024-48917
was published
for
phpoffice/phpspreadsheet
(Composer)
Nov 18, 2024
XmlScanner bypass leads to XXE
High
CVE-2024-47873
was published
for
phpoffice/phpspreadsheet
(Composer)
Nov 18, 2024
A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated,...
Moderate
Unreviewed
CVE-2020-26066
was published
Nov 18, 2024
IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 is vulnerable to an...
High
Unreviewed
CVE-2024-39726
was published
Nov 15, 2024
ProTip!
Advisories are also available from the
GraphQL API