GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,434

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

702 advisories

Filter by severity

Sort by

Least recently updated

Zohocorp ManageEngine SharePoint Manager Plus versions 4503 and prior are vulnerable to... High Unreviewed

CVE-2024-10839 was published Nov 8, 2024

A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read... Moderate Unreviewed

CVE-2024-20531 was published Nov 6, 2024

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML external entity injection ... Moderate Unreviewed

CVE-2024-45086 was published Nov 4, 2024

An XML External Entity (XXE) vulnerability in Dmoz2CSV in openimaj v1.3.10 allows attackers to... Critical Unreviewed

CVE-2024-51136 was published Nov 4, 2024

Improper Restriction of XML External Entity Reference vulnerability in WP Royal Royal Elementor... Moderate Unreviewed

CVE-2024-50442 was published Oct 28, 2024

Improper Restriction of XML External Entity Reference vulnerability in OpenText Application... Moderate Unreviewed

CVE-2024-4690 was published Oct 16, 2024

Improper Restriction of XML External Entity Reference vulnerability in OpenText Application... Moderate Unreviewed

CVE-2024-4189 was published Oct 16, 2024

Improper Restriction of XML External Entity Reference vulnerability in OpenText Application... Moderate Unreviewed

CVE-2024-4184 was published Oct 16, 2024

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External Entity Injection ... Moderate Unreviewed

CVE-2024-45072 was published Oct 16, 2024

When the XML is read from the codes in the PDF and parsed using a DocumentBuilder, the default... Moderate Unreviewed

CVE-2024-8602 was published Oct 14, 2024

Dell AppSync Server, version 4.3 through 4.6, contains an XML External Entity Injection... Low Unreviewed

CVE-2024-39586 was published Oct 9, 2024

TopQuadrant TopBraid EDG before version 8.0.1 allows an authenticated attacker to upload an XML... Moderate Unreviewed

CVE-2024-45745 was published Sep 27, 2024

Improper Restriction of XML External Entity Reference vulnerability in SFS Consulting ww.Winsure... Critical Unreviewed

CVE-2024-7098 was published Sep 16, 2024

An External XML Entity (XXE) vulnerability in the provisioning web service of Ivanti EPM before... High Unreviewed

CVE-2024-37397 was published Sep 12, 2024

Loftware Spectrum before 4.6 HF14 allows authenticated XXE attacks. High Unreviewed

CVE-2023-37233 was published Sep 10, 2024

An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length... Critical Unreviewed

CVE-2024-45490 was published Aug 30, 2024

XML External Entity (XXE) vulnerability in Terminalfour 8.0.0001 through 8.3.18 and XML JDBC... High Unreviewed

CVE-2024-22218 was published Aug 15, 2024

XXE in SmartDeviceServer in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to... High Unreviewed

CVE-2024-38653 was published Aug 14, 2024

The "soap_cgi.pyc" API handler allows the XML body of SOAP requests to contain references to... High Unreviewed

CVE-2024-6893 was published Aug 8, 2024

In versions of Akana API Platform prior to 2024.1.0 a flaw resulting in XML External Entity (XXE)... Moderate Unreviewed

CVE-2024-3930 was published Jul 30, 2024

Improper Restriction of XML External Entity Reference vulnerability in PruvaSoft Informatics... Moderate Unreviewed

CVE-2024-5625 was published Jul 18, 2024

IBM Engineering Requirements Management DOORS Web Access 9.7.2.8 is vulnerable to an XML External... High Unreviewed

CVE-2023-50304 was published Jul 18, 2024

When the Kiuwan Local Analyzer uploads the scan results to the Kiuwan SAST web application ... High Unreviewed

CVE-2023-49110 was published Jun 20, 2024

IBM Engineering Requirements Management DOORS Next 7.0.2 and 7.0.3 is vulnerable to an XML... High Unreviewed

CVE-2023-45192 was published Jun 6, 2024

XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could... High Unreviewed

CVE-2024-3486 was published May 15, 2024

Previous 1 2 3 4 5 … 28 29 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

702 advisories