Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,299
Erlang
31
GitHub Actions
21
Go
2,064
Maven
5,000+
npm
3,744
NuGet
668
pip
3,424
Pub
12
RubyGems
892
Rust
877
Swift
36
Unreviewed advisories
All unreviewed
5,000+

469 advisories

Loading
An XML External Entities (XXE) vulnerability in Media Server component of Avaya Equinox... High Unreviewed
CVE-2020-7037 was published May 24, 2022
/exec in TranzWare e-Commerce Payment Gateway (TWEC PG) before 3.1.27.5 had a vulnerability in... High Unreviewed
CVE-2021-28110 was published May 24, 2022
The TIBCO EBX Add-on for Oracle Hyperion EPM, TIBCO EBX Data Exchange Add-on, and TIBCO EBX... High Unreviewed
CVE-2020-27148 was published May 24, 2022
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a XML External Entity... High Unreviewed
CVE-2021-20454 was published May 24, 2022
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) is vulnerable to XML... High Unreviewed
CVE-2021-22158 was published May 24, 2022
IBM Jazz Foundation Products are vulnerable to an XML External Entity Injection (XXE) attack when... High Unreviewed
CVE-2021-20502 was published May 24, 2022
SRS Policy Manager 6.X is affected by an XML External Entity Injection (XXE) vulnerability due to... High Unreviewed
CVE-2021-21517 was published May 24, 2022
Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to XML External... High Unreviewed
CVE-2019-18943 was published May 24, 2022
This vulnerability allows remote attackers to disclose sensitive information on affected... High Unreviewed
CVE-2020-27858 was published May 24, 2022
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity... High Unreviewed
CVE-2020-4949 was published May 24, 2022
A CWE-611 Improper Restriction of XML External Entity Reference vulnerability exists in... High Unreviewed
CVE-2020-7572 was published May 24, 2022
Improper Restriction of XML External Entity Reference in subsystem forIntel(R) Quartus(R) Prime... High Unreviewed
CVE-2020-24454 was published May 24, 2022
Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by an... High Unreviewed
CVE-2022-42341 was published Oct 15, 2022
An XML external entity (XXE) vulnerability iin Zoho ManageEngine Desktop Central before the 07... High Unreviewed
CVE-2020-8540 was published May 24, 2022
XXE vulnerability in Jenkins Klocwork Analysis Plugin High
CVE-2020-2247 was published for org.jenkins-ci.plugins:klocwork (Maven) May 24, 2022
NotMyFault
XXE vulnerability in Jenkins Valgrind Plugin High
CVE-2020-2245 was published for org.jenkins-ci.plugins:valgrind (Maven) May 24, 2022
NotMyFault
IBM Sterling B2B Integrator Standard Edition 5.2.0 snf 6.0.0.0 is vulnerable to an XML External... High Unreviewed
CVE-2019-4043 was published May 13, 2022
Out-of-Band XML External Entity (OOB-XXE) vulnerability in Zoho ManageEngine Analytics Plus... High Unreviewed
CVE-2020-21641 was published Aug 16, 2022
Jenkins Plot Plugin XML External Entity Reference vulnerability High
CVE-2022-46682 was published for org.jenkins-ci.plugins:plot (Maven) Dec 12, 2022
XML External Entity Reference in Jenkins Recipe Plugin High
CVE-2022-34793 was published for org.jenkins-ci.plugins:recipe (Maven) Jul 1, 2022
NotMyFault
A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter... High Unreviewed
CVE-2022-29801 was published May 21, 2022
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to an XML External Entity Injection... High Unreviewed
CVE-2022-36773 was published Sep 2, 2022
An XML External Entity (XXE) processing vulnerability was reported in Lenovo XClarity... High Unreviewed
CVE-2019-6179 was published May 24, 2022
IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, and 19.0.0.2 is... High Unreviewed
CVE-2019-4424 was published May 24, 2022
IBM InfoSphere Global Name Management 5.0 and 6.0 and IBM InfoSphere Identity Insight 8.1 and 9.0... High Unreviewed
CVE-2019-4433 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database