Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

322 advisories

Loading
XXE in Diving Log 6.0 allows attackers to remotely view local files through a crafted dive.xml... Moderate Unreviewed
CVE-2017-9095 was published May 17, 2022
TablePress prior to version 1.8.1 allows an attacker to conduct XML External Entity (XXE) attacks... Moderate Unreviewed
CVE-2017-10889 was published May 17, 2022
XML external entity (XXE) vulnerability in IBM Rational Team Concert 3.0 before 3.0.1.6 iFix7... Moderate Unreviewed
CVE-2016-0219 was published May 14, 2022
Multiple XML external entity (XXE) vulnerabilities in the AiCloud feature on ASUS DSL-AC51, DSL... Moderate Unreviewed
CVE-2017-14699 was published May 14, 2022
A external entity processing information disclosure (XXE) vulnerability in Trend Micro Control... Moderate Unreviewed
CVE-2018-3600 was published May 14, 2022
XML external entity (XXE) vulnerability in IBM Forms Experience Builder 8.5, 8.5.1, and 8.6... Moderate Unreviewed
CVE-2016-0369 was published May 14, 2022
XML external entity (XXE) vulnerability in IBM Financial Transaction Manager (FTM) for ACH... Moderate Unreviewed
CVE-2016-0268 was published May 14, 2022
An XML external entity injection (XXE) vulnerability in Trend Micro Email Encryption Gateway 5.5... Moderate Unreviewed
CVE-2018-6225 was published May 14, 2022
XML external entity (XXE) vulnerability in IBM InfoSphere Information Governance Catalog 11.3... Moderate Unreviewed
CVE-2016-0250 was published May 14, 2022
The Upload File functionality in upload.jspa in Aurea Jive Jive-n 9.0.2.1 On-Premises allows for... Moderate Unreviewed
CVE-2018-5758 was published May 14, 2022
Digital Guardian Management Console 7.1.2.0015 has an XXE issue. Moderate Unreviewed
CVE-2018-10175 was published May 14, 2022
ModbusPal 1.6b is vulnerable to an XML External Entity (XXE) attack. Projects are saved as .xmpp... Moderate Unreviewed
CVE-2018-10832 was published May 14, 2022
XML External Entity processing vulnerability in Jenkins Black Duck Hub Plugin Moderate
CVE-2018-1000198 was published for com.blackducksoftware.integration:blackduck-hub (Maven) May 14, 2022
Xovis PC2, PC2R, and PC3 devices through 3.6.0 allow XXE. Moderate Unreviewed
CVE-2018-11719 was published May 14, 2022
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS)... Moderate Unreviewed
CVE-2018-8533 was published May 14, 2022
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS)... Moderate Unreviewed
CVE-2018-8527 was published May 14, 2022
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS)... Moderate Unreviewed
CVE-2018-8532 was published May 14, 2022
The SaveUserSettings service in Content Manager in SDL Web 8.5.0 has an XXE Vulnerability that... Moderate Unreviewed
CVE-2018-19371 was published May 14, 2022
S3 Browser before 8.1.5 contains an XML external entity (XXE) vulnerability, allowing remote... Moderate Unreviewed
CVE-2018-20298 was published May 14, 2022
The Upload add-on resource in Atlassian Universal Plugin Manager before version 2.22.14 allows... Moderate Unreviewed
CVE-2018-20233 was published May 14, 2022
Processing Foundation Processing version 3.4 and earlier contains a XML External Entity (XXE)... Moderate Unreviewed
CVE-2018-1000840 was published May 14, 2022
SLD Registration of ABAP Platform allows an attacker to prevent legitimate users from accessing a... Moderate Unreviewed
CVE-2019-0265 was published May 14, 2022
SAP HANA extended application services, version 1, advanced does not sufficiently validate an XML... Moderate Unreviewed
CVE-2019-0277 was published May 14, 2022
FreePlane version 1.5.9 and earlier contains a XML External Entity (XXE) vulnerability in XML... Moderate Unreviewed
CVE-2018-1000069 was published May 14, 2022
Windows System Information Console in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows... Moderate Unreviewed
CVE-2017-8557 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database