GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
470 advisories
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2 is vulnerable to an XML External...
High | Unreviewed | CVE-2019-4513 was published May 24, 2022

Numerous Tableau products are vulnerable to XXE via a malicious workbook, extension, or data...
High | Unreviewed | CVE-2019-15637 was published May 24, 2022

The XML-RPC subsystem in Zenoss 2.5.3 allows XXE attacks that lead to unauthenticated information...
High | Unreviewed | CVE-2019-14258 was published May 24, 2022

IBM InfoSphere Global Name Management 5.0 and 6.0 and IBM InfoSphere Identity Insight 8.1 and 9.0...
High | Unreviewed | CVE-2019-4433 was published May 24, 2022

IBM Intelligent Operations Center V5.1.0 through V5.2.0 is vulnerable to an XML External Entity...
High | Unreviewed | CVE-2019-4419 was published May 24, 2022

IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, and 19.0.0.2 is...
High | Unreviewed | CVE-2019-4424 was published May 24, 2022

IBM Security Guardium Big Data Intelligence 4.0 (SonarG) is vulnerable to an XML External Entity...
High | Unreviewed | CVE-2019-4340 was published May 24, 2022

A denial of service vulnerability exists when the XmlLite runtime (XmlLite.dll) improperly parses...
High | Unreviewed | CVE-2019-1187 was published May 24, 2022

A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser...
High | Unreviewed | CVE-2019-1057 was published May 24, 2022

Zoho ManageEngine AssetExplorer 6.2.0 is vulnerable to an XML External Entity Injection (XXE)...
High | Unreviewed | CVE-2019-14693 was published May 24, 2022

An issue was discovered in the 3CX Phone system (web) management console 12.5.44178.1002 through...
High | Unreviewed | CVE-2019-13176 was published May 24, 2022

The Transition Technologies "The Scheduler" app 5.1.3 for Jira allows XXE due to a weakly...
High | Unreviewed | CVE-2018-14383 was published May 24, 2022

IBM Daeja ViewONE Professional, Standard & Virtual 5.0.5 and 5.0.6 is vulnerable to an XML...
High | Unreviewed | CVE-2019-4456 was published May 24, 2022

IBM i2 Intelligent Analysis Platform 9.0.0 through 9.1.1 is vulnerable to an XML External Entity...
High | Unreviewed | CVE-2019-4062 was published May 24, 2022

An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. When sending an out-of...
High | Unreviewed | CVE-2019-10266 was published May 24, 2022

An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. With a valid administrator...
High | Unreviewed | CVE-2019-10264 was published May 24, 2022

Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Improper Restriction of...
High | Unreviewed | CVE-2019-7847 was published May 24, 2022

lib/DocumentToText.php in OpenCats before 0.9.4-3 has XXE that allows remote users to read files...
High | Unreviewed | CVE-2019-13358 was published May 24, 2022

LemonLDAP::NG before 1.9.20 has an XML External Entity (XXE) issue when submitting a notification...
High | Unreviewed | CVE-2019-13031 was published May 24, 2022

In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of...
High | Unreviewed | CVE-2018-20843 was published May 24, 2022

BlogEngine.NET 3.3.7 and earlier allows XXE via an apml file to syndication.axd.
High | Unreviewed | CVE-2019-11392 was published May 24, 2022

BlogEngine.NET 3.3.7.0 and earlier allows XML External Entity Blind Injection, related to...
High | Unreviewed | CVE-2019-10718 was published May 24, 2022

IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to an XML External Entity...
High | Unreviewed | CVE-2018-1845 was published May 24, 2022

Improper Restriction of XML External Entity Reference Jenkins Token Macro Plugin
High | CVE-2019-10337 was published for org.jenkins-ci.plugins:token-macro (Maven) May 24, 2022

Dell EMC OpenManage Server Administrator (OMSA) versions prior to 9.1.0.3 and prior to 9.2.0.4...
High | Unreviewed | CVE-2019-3722 was published May 24, 2022