Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

322 advisories

Loading
Laravel v11.x was discovered to contain an XML External Entity (XXE) vulnerability. Moderate Unreviewed
CVE-2024-40075 was published Jul 22, 2024
Improper Restriction of XML External Entity Reference vulnerability in PruvaSoft Informatics... Moderate Unreviewed
CVE-2024-5625 was published Jul 18, 2024
ClassGraph XML External Entity Reference Moderate
CVE-2021-47621 was published for io.github.classgraph:classgraph (Maven) Jun 21, 2024
An information disclosure vulnerability exists in Progress Telerik Report Server, version 2024 Q1... Moderate Unreviewed
CVE-2024-4357 was published May 15, 2024
Microsoft SharePoint Server Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-30043 was published May 14, 2024
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure... Moderate Unreviewed
CVE-2023-51602 was published May 3, 2024
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure... Moderate Unreviewed
CVE-2023-51604 was published May 3, 2024
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure... Moderate Unreviewed
CVE-2023-51600 was published May 3, 2024
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure... Moderate Unreviewed
CVE-2023-51605 was published May 3, 2024
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure... Moderate Unreviewed
CVE-2023-51601 was published May 3, 2024
Voltronic Power ViewPower Pro doDocument XML External Entity Processing Information Disclosure... Moderate Unreviewed
CVE-2023-51591 was published May 3, 2024
Visualware MyConnection Server doIForward XML External Entity Processing Information Disclosure... Moderate Unreviewed
CVE-2023-42035 was published May 3, 2024
Inductive Automation Ignition SimpleXMLReader XML External Entity Processing Information... Moderate Unreviewed
CVE-2023-39472 was published May 3, 2024
Apache Zeppelin SAP: connecting to a malicious SAP server allowed it to perform XXE Moderate
CVE-2022-47894 was published for org.apache.zeppelin:sap (Maven) Apr 9, 2024
Dell PowerProtect Data Manager, version 19.15, contains an XML External Entity Injection... Moderate Unreviewed
CVE-2024-25971 was published Mar 28, 2024
In JetBrains TeamCity before 2024.03 xXE was possible in the Maven build steps detector Moderate Unreviewed
CVE-2024-31139 was published Mar 28, 2024
A vulnerability classified as problematic was found in lakernote EasyAdmin up to 20240315. This... Moderate Unreviewed
CVE-2024-2826 was published Mar 22, 2024
Improper restriction of XML external entity references vulnerability exists in FitNesse all... Moderate Unreviewed
CVE-2024-28039 was published Mar 18, 2024
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 is vulnerable to an... Moderate Unreviewed
CVE-2023-25926 was published Feb 29, 2024
Apache Ambari XML External Entity injection Moderate
CVE-2023-50380 was published for org.apache.ambari.contrib.views:wfmanager (Maven) Feb 27, 2024
oscerd
The XML parser in Magic xpi Integration Platform 4.13.4 allows XXE attacks, e.g., via onItemImport. Moderate Unreviewed
CVE-2023-52239 was published Feb 6, 2024
When SEW-EURODRIVE MOVITOOLS MotionStudio processes XML information unrestricted file access can... Moderate Unreviewed
CVE-2024-1167 was published Feb 1, 2024
Improper Restriction of XML External Entity Reference vulnerability in OpenText AppBuilder on... Moderate Unreviewed
CVE-2023-4554 was published Jan 29, 2024
Electronic Delivery Check System (Ministry of Agriculture, Forestry and Fisheries The Agriculture... Moderate Unreviewed
CVE-2024-22380 was published Jan 24, 2024
Electronic Delivery Check System (Doboku) Ver.18.1.0 and earlier, Electronic Delivery Check... Moderate Unreviewed
CVE-2024-21765 was published Jan 24, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database