GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,293
Erlang: 31
GitHub Actions: 21
Go: 2,061
Maven: 5,000+
npm: 3,744
NuGet: 668
pip: 3,423
Pub: 12
RubyGems: 892
Rust: 875
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
722 advisories
It was found that the JAXP implementation used in JBoss EAP 7.0 for SAX and DOM parsing is...
Critical
Unreviewed
CVE-2017-7464 was published May 13, 2022
It was found that the JAXP implementation used in JBoss EAP 7.0 for XSLT processing is vulnerable...
Critical
Unreviewed
CVE-2017-7465 was published May 13, 2022
A vulnerability in the Profile Editor of the Cisco AnyConnect Secure Mobility Client could allow...
Moderate
Unreviewed
CVE-2018-0100 was published May 13, 2022
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to...
Moderate
Unreviewed
CVE-2018-0108 was published May 13, 2022
A vulnerability in the web-based UI of Cisco Secure Access Control Server could allow an...
Moderate
Unreviewed
CVE-2018-0414 was published May 13, 2022
SEL AcSELerator Architect version 2.2.24.0 and prior allows unsanitized input to be passed to the...
Critical
Unreviewed
CVE-2018-10600 was published May 13, 2022
An XXE vulnerability in LeviStudioU, Versions 1.8.29 and 1.8.44 can be exploited when the...
High
Unreviewed
CVE-2018-10614 was published May 13, 2022
Multiple variants of XML External Entity (XXE) attacks may be used to exfiltrate data from the...
High
Unreviewed
CVE-2018-10613 was published May 13, 2022
The BusinessWorks engine component of TIBCO Software Inc.'s TIBCO ActiveMatrix BusinessWorks,...
High
Unreviewed
CVE-2018-12408 was published May 13, 2022
A External Entity Reference ('XXE') vulnerability in SUSE Linux SMT allows remote attackers to...
High
Unreviewed
CVE-2018-12471 was published May 13, 2022
A vulnerability in the web-based user interface of Cisco Energy Management Suite Software could...
High
Unreviewed
CVE-2018-15444 was published May 13, 2022
In WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2...
Moderate
Unreviewed
CVE-2018-17889 was published May 13, 2022
An XXE vulnerability exists in CASE Suite Versions 3.10 and prior when processing parameter...
High
Unreviewed
CVE-2018-17912 was published May 13, 2022
Spacewalk 2.6 contains an API which has an XXE flaw allowing for the disclosure of potentially...
High
Unreviewed
CVE-2018-1077 was published May 13, 2022
IBM Marketing Platform 9.1.0, 9.1.2, and 10.1 is vulnerable to a XML External Entity Injection ...
High
Unreviewed
CVE-2018-1424 was published May 13, 2022
IBM WebSphere DataPower Appliances 7.1, 7.2, 7.5, 7.5.1, 7.5.2, and 7.6 is vulnerable to a XML...
High
Unreviewed
CVE-2018-1421 was published May 13, 2022
IBM FileNet Content Manager, IBM Content Foundation, and IBM Case Foundation Administration...
High
Unreviewed
CVE-2018-1542 was published May 13, 2022
IBM Jazz Foundation (IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through...
High
Unreviewed
CVE-2018-1588 was published May 13, 2022
IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6 is vulnerable...
High
Unreviewed
CVE-2018-1607 was published May 13, 2022
IBM DataPower Gateway 7.1.0.0 - 7.1.0.23, 7.2.0.0 - 7.2.0.21, 7.5.0.0 - 7.5.0.16, 7.5.1.0 - 7.5.1...
High
Unreviewed
CVE-2018-1669 was published May 13, 2022
IBM Platform Symphony 7.1 Fix Pack 1 and 7.1.1 and IBM Spectrum Symphony 7.1.2 and 7.2.0.2 are...
High
Unreviewed
CVE-2018-1702 was published May 13, 2022
IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 is vulnerable to a XML External...
Critical
Unreviewed
CVE-2018-1727 was published May 13, 2022
IBM QRadar SIEM 7.2 and 7.3 is vulnerable to a XML External Entity Injection (XXE) attack when...
High
Unreviewed
CVE-2018-1730 was published May 13, 2022
IBM Security Key Lifecycle Manager 2.5, 2.6, 2.7, and 3.0 is vulnerable to a XML External Entity...
High
Unreviewed
CVE-2018-1747 was published May 13, 2022
IBM App Connect V11.0.0.0 through V11.0.0.1, IBM Integration Bus V10.0.0.0 through V10.0.0.13,...
Moderate
Unreviewed
CVE-2018-1801 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.