Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

322 advisories

Loading
An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in... Moderate Unreviewed
CVE-2023-5136 was published Nov 8, 2023
Improper Restriction of XML External Entity Reference in Openpyxl Moderate
CVE-2017-5992 was published for openpyxl (pip) May 17, 2022
chenghlee
TopQuadrant TopBraid EDG before version 8.0.1 allows an authenticated attacker to upload an XML... Moderate Unreviewed
CVE-2024-45745 was published Sep 27, 2024
SAP Business One (B1i) - version 10.0, allows an authorized attacker to retrieve the details... Moderate Unreviewed
CVE-2023-41365 was published Oct 10, 2023
XML External Entity Reference in Glances Moderate
CVE-2021-23418 was published for Glances (pip) Aug 9, 2021
An issue was discovered in OverIT Geocall before version 8.0. An authenticated user who has the... Moderate Unreviewed
CVE-2022-22835 was published Mar 11, 2022
Electronic Deliverables Creation Support Tool (Construction Edition) prior to Ver1.0.4 and... Moderate Unreviewed
CVE-2024-21796 was published Jan 24, 2024
ClassGraph XML External Entity Reference Moderate
CVE-2021-47621 was published for io.github.classgraph:classgraph (Maven) Jun 21, 2024
Improper restriction of XML external entity references vulnerability exists in FitNesse all... Moderate Unreviewed
CVE-2024-28039 was published Mar 18, 2024
In versions of Akana API Platform prior to 2024.1.0 a flaw resulting in XML External Entity (XXE)... Moderate Unreviewed
CVE-2024-3930 was published Jul 30, 2024
Improper Restriction of XML External Entity Reference vulnerability in PruvaSoft Informatics... Moderate Unreviewed
CVE-2024-5625 was published Jul 18, 2024
XML External Entity (XXE) in Django Moderate
CVE-2013-1665 was published for Django (pip) May 17, 2022
MarkLee131
XML Entity Expansion (XEE) in Django Moderate
CVE-2013-1664 was published for Django (pip) May 17, 2022
MarkLee131
An information disclosure vulnerability exists in Progress Telerik Report Server, version 2024 Q1... Moderate Unreviewed
CVE-2024-4357 was published May 15, 2024
OpenStack Swift XML external entities (XXE) Injection Moderate
CVE-2022-47950 was published for swift (pip) Jan 18, 2023
Microsoft SharePoint Server Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-30043 was published May 14, 2024
The Spreadsheet::ParseXLSX package before 0.30 for Perl allows XXE attacks because it neglects to... Moderate Unreviewed
CVE-2024-23525 was published Jan 18, 2024
codehaus-plexus vulnerable to XML injection Moderate
CVE-2022-4245 was published for org.codehaus.plexus:plexus-utils (Maven) Sep 25, 2023
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure... Moderate Unreviewed
CVE-2023-51605 was published May 3, 2024
Voltronic Power ViewPower Pro doDocument XML External Entity Processing Information Disclosure... Moderate Unreviewed
CVE-2023-51591 was published May 3, 2024
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure... Moderate Unreviewed
CVE-2023-51600 was published May 3, 2024
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure... Moderate Unreviewed
CVE-2023-51601 was published May 3, 2024
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure... Moderate Unreviewed
CVE-2023-51602 was published May 3, 2024
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure... Moderate Unreviewed
CVE-2023-51604 was published May 3, 2024
Visualware MyConnection Server doIForward XML External Entity Processing Information Disclosure... Moderate Unreviewed
CVE-2023-42035 was published May 3, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database