GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
14 advisories
Filter by severity
Authenticated XML External Entity Processing
Moderate
GHSA-8xv9-qcr9-ww9j
was published
for
shopware/core
(Composer)
Oct 19, 2020
Concrete CMS vulnerable to XML External Entity
Moderate
CVE-2022-43689
was published
for
concrete5/concrete5
(Composer)
Nov 15, 2022
PHPExcel vulnerable to XXE attacks through libxml
Moderate
CVE-2014-2054
was published
for
phpoffice/phpexcel
(Composer)
May 17, 2022
Several Zend Products Vulnerable to XXE and XEE attacks
Moderate
CVE-2014-2683
was published
for
zendframework/zendframework1
(Composer)
May 14, 2022
Several Zend Products Vulnerable to XXE and XEE attacks
Moderate
CVE-2014-2682
was published
for
zendframework/zendframework1
(Composer)
May 14, 2022
Several Zend Products Vulnerable to XXE and XEE attacks
Moderate
CVE-2014-2681
was published
for
zendframework/zendframework1
(Composer)
May 14, 2022
XML External Entity (XXE) vulnerability in the XML data handler
Moderate
CVE-2023-38490
was published
for
getkirby/cms
(Composer)
Jul 28, 2023
Zend Framework XXE Vulnerability
Moderate
CVE-2012-5657
was published
for
zendframework/zendframework1
(Composer)
May 17, 2022
Moodle Arbitrary File Read via XML External Entity vulnerability
Moderate
CVE-2014-3543
was published
for
moodle/moodle
(Composer)
May 13, 2022
ZendXml and Zend Framework contain XXE and XEE Vulnerabilities
Moderate
CVE-2015-5161
was published
for
zendframework/zendframework
(Composer)
May 17, 2022
phpMyAdmin vulnerable to XML external entity (XXE) injection attack
Moderate
CVE-2011-4107
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
Information disclosure through processing of external XML entities
Moderate
CVE-2019-8126
was published
for
magento/community-edition
(Composer)
Nov 12, 2019
SilverStripe XXE Vulnerability in CSSContentParser
Moderate
CVE-2020-25817
was published
for
silverstripe/framework
(Composer)
May 24, 2022
Kimai has an XXE Leading to Local File Read
Moderate
GHSA-534c-hcr7-67jg
was published
for
kimai/kimai
(Composer)
Sep 17, 2024
ProTip!
Advisories are also available from the
GraphQL API