GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
722 advisories
IBM App Connect V11.0.0.0 through V11.0.0.1, IBM Integration Bus V10.0.0.0 through V10.0.0.13,...
Moderate, Unreviewed. CVE-2018-1801 was published May 13, 2022.

IBM Rational Engineering Lifecycle Manager 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable...
High, Unreviewed. CVE-2018-1846 was published May 13, 2022.

IBM Daeja ViewONE Professional, Standard & Virtual 5 is vulnerable to an XML External Entity...
High, Unreviewed. CVE-2018-1835 was published May 13, 2022.

IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to an XML External Entity Injection (XXE...
High, Unreviewed. CVE-2018-1844 was published May 13, 2022.

IBM WebSphere Application Server 9.0.0.0 through 9.0.0.9 is vulnerable to an XML External Entity...
High, Unreviewed. CVE-2018-1905 was published May 13, 2022.

IBM Marketing Platform 9.1.0, 9.1.2 and 10.1 is vulnerable to an XML External Entity Injection ...
High, Unreviewed. CVE-2018-1920 was published May 13, 2022.

IBM Security Identity Manager 7.0.1 is vulnerable to an XML External Entity Injection (XXE) attack...
High, Unreviewed. CVE-2018-1970 was published May 13, 2022.

SAP Business Process Automation (BPA) By Redwood does not sufficiently validate an XML document...
High, Unreviewed. CVE-2018-2401 was published May 13, 2022.

IBM Security Identity Manager 6.0.0 Virtual Appliance is vulnerable to an XML External Entity...
High, Unreviewed. CVE-2018-2019 was published May 13, 2022.

The TIBCO Designer component of TIBCO Software Inc.'s TIBCO Runtime Agent, and TIBCO Runtime...
Moderate, Unreviewed. CVE-2018-5434 was published May 13, 2022.

The TIBCO Administrator server component of TIBCO Software Inc.'s TIBCO Administrator -...
Moderate, Unreviewed. CVE-2018-5433 was published May 13, 2022.

XML External Entity (XXE) vulnerability in Micro Focus Fortify Audit Workbench (AWB) and Micro...
Critical, Unreviewed. CVE-2018-6486 was published May 13, 2022.

External Entity Attack vulnerability in the ePO extension in McAfee Common UI (CUI) 2.0.2 allows...
Moderate, Unreviewed. CVE-2018-6670 was published May 13, 2022.

In Eclipse Kura versions up to 4.0.0, the Web UI package and component services, the Artemis...
High, Unreviewed. CVE-2019-10244 was published May 13, 2022.

A vulnerability in the web-based user interface of Cisco Internet of Things Field Network...
Moderate, Unreviewed. CVE-2019-1698 was published May 13, 2022.

IBM Sterling B2B Integrator Standard Edition 5.2.0 and 6.0.0.0 is vulnerable to an XML External...
High, Unreviewed. CVE-2019-4043 was published May 13, 2022.

FrostWire version <= frostwire-desktop-6.7.4-build-272 contains an XML External Entity (XXE)...
Critical, Unreviewed. CVE-2018-1000828 was published May 13, 2022.

XML external entity (XXE) vulnerability in the Java XML processing functionality in Play before 2...
Critical, Unreviewed. CVE-2014-3630 was published May 13, 2022.

There is an XML External Entity (XXE) Processing Vulnerability in Citrix XenMobile Server 10.8...
Critical, Unreviewed. CVE-2018-10653 was published May 13, 2022.

XML external entity (XXE) vulnerability in the GlobalProtect internal and external gateway...
Critical, Unreviewed. CVE-2017-9458 was published May 13, 2022.

The _clone function in XML::LibXML before 2.0119 does not properly set the expand_entities option...
Moderate, Unreviewed. CVE-2015-3451 was published May 13, 2022.

Zimbra Collaboration Suite (ZCS) before 8.7.4 allows remote attackers to conduct XML External...
Critical, Unreviewed. CVE-2016-9924 was published May 13, 2022.

www.modified-shop.org modified eCommerce Shopsoftware 2.0.2.2 rev 10690 has XXE in api/it-recht...
Critical, Unreviewed. CVE-2017-8110 was published May 13, 2022.

perl-XML-Twig: The option to `expand_external_ents`, documented as controlling external entity...
Critical, Unreviewed. CVE-2016-9180 was published May 13, 2022.

The Office Open XML (OOXML) feature in Adobe ColdFusion 10 before Update 21 and 11 before Update...
High, Unreviewed. CVE-2016-4264 was published May 13, 2022.

ProTip! Advisories are also available from the GraphQL API.