Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

322 advisories

Loading
The TIBCO Designer component of TIBCO Software Inc.'s TIBCO Runtime Agent, and TIBCO Runtime... Moderate Unreviewed
CVE-2018-5434 was published May 13, 2022
The TIBCO Administrator server component of TIBCO Software Inc.'s TIBCO Administrator -... Moderate Unreviewed
CVE-2018-5433 was published May 13, 2022
IBM App Connect V11.0.0.0 through V11.0.0.1, IBM Integration Bus V10.0.0.0 through V10.0.0.13,... Moderate Unreviewed
CVE-2018-1801 was published May 13, 2022
In WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2... Moderate Unreviewed
CVE-2018-17889 was published May 13, 2022
Improper Restriction of XML External Entity Reference in Elasticsearch Moderate
CVE-2018-17247 was published for org.elasticsearch:elasticsearch (Maven) May 13, 2022
A vulnerability in the web-based UI of Cisco Secure Access Control Server could allow an... Moderate Unreviewed
CVE-2018-0414 was published May 13, 2022
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to... Moderate Unreviewed
CVE-2018-0108 was published May 13, 2022
A vulnerability in the Profile Editor of the Cisco AnyConnect Secure Mobility Client could allow... Moderate Unreviewed
CVE-2018-0100 was published May 13, 2022
XML External Entity Reference in jbpmmigration Moderate
CVE-2017-7545 was published for org.jbpm.jbpm5:jbpmmigration (Maven) May 13, 2022
The ifmap service that comes bundled with Contrail has an XML External Entity (XXE) vulnerability... Moderate Unreviewed
CVE-2017-10617 was published May 13, 2022
Unspecified vulnerability in HP WebInspect 7.x through 10.4 before 10.4 update 1 allows remote... Moderate Unreviewed
CVE-2015-2125 was published May 13, 2022
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products ... Moderate Unreviewed
CVE-2017-3548 was published May 13, 2022
An XML External Entity vulnerability in the web-based user interface of the Cisco Secure Access... Moderate Unreviewed
CVE-2017-3839 was published May 13, 2022
The Microsoft Common Console Document (.msc) in Microsoft Windows 7 SP1, Windows Server 2008 SP2... Moderate Unreviewed
CVE-2017-8710 was published May 13, 2022
Several Zend Products Vulnerable to XXE and XEE attacks Moderate
CVE-2014-2683 was published for zendframework/zendframework1 (Composer) May 14, 2022
Several Zend Products Vulnerable to XXE and XEE attacks Moderate
CVE-2014-2682 was published for zendframework/zendframework1 (Composer) May 14, 2022
Several Zend Products Vulnerable to XXE and XEE attacks Moderate
CVE-2014-2681 was published for zendframework/zendframework1 (Composer) May 14, 2022
Improper Restriction of XML External Entity Reference in Apache uimaj Moderate
CVE-2017-15691 was published for org.apache.uima:uimafit-core (Maven) May 14, 2022
The SOAP parser in PHP before 5.3.22 and 5.4.x before 5.4.12 allows remote attackers to read... Moderate Unreviewed
CVE-2013-1824 was published May 14, 2022
SLD Registration in SAP HANA (fixed in versions 1.0, 2.0) does not sufficiently validate an XML... Moderate Unreviewed
CVE-2019-0284 was published May 14, 2022
An XML External Entity Injection (XXE) vulnerability in the Management System (console) of... Moderate Unreviewed
CVE-2019-8997 was published May 14, 2022
The administration backup restore resource in Atlassian Crowd before version 3.0.2 and from... Moderate Unreviewed
CVE-2017-18110 was published May 14, 2022
Windows System Information Console in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows... Moderate Unreviewed
CVE-2017-8557 was published May 14, 2022
FreePlane version 1.5.9 and earlier contains a XML External Entity (XXE) vulnerability in XML... Moderate Unreviewed
CVE-2018-1000069 was published May 14, 2022
SAP HANA extended application services, version 1, advanced does not sufficiently validate an XML... Moderate Unreviewed
CVE-2019-0277 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database