GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,990
Composer 4,293
Erlang 31
GitHub Actions 21
Go 2,061
Maven 5,239
npm 3,744
NuGet 668
pip 3,423
Pub 12
RubyGems 892
Rust 875
Swift 36

Unreviewed advisories

All unreviewed 239,576

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

240 advisories

Filter by severity

Sort by

Least recently updated

Dell Unity prior to 5.3 contains an XML External Entity injection vulnerability. An XXE attack... Moderate Unreviewed

CVE-2023-43067 was published Oct 23, 2023

CX-Designer Ver.3.740 and earlier (included in CX-One CXONE-AL[][]D-V4) contains an improper... Moderate Unreviewed

CVE-2023-43624 was published Oct 23, 2023

SAP Business One (B1i) - version 10.0, allows an authorized attacker to retrieve the details... Moderate Unreviewed

CVE-2023-41365 was published Oct 10, 2023

FD Application Apr. 2022 Edition (Version 9.01) and earlier improperly restricts XML external... Moderate Unreviewed

CVE-2023-42132 was published Oct 2, 2023

A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated,... Moderate Unreviewed

CVE-2020-26064 was published Aug 4, 2023

The Foundry Magritte plugin rest-source was found to be vulnerable to an an XML external Entity... Moderate Unreviewed

CVE-2023-30951 was published Aug 4, 2023

Applicant Programme Ver.7.06 and earlier improperly restricts XML external entity references (XXE... Moderate Unreviewed

CVE-2023-32639 was published Jul 25, 2023

XBRL data create application version 7.0 and earlier improperly restricts XML external entity... Moderate Unreviewed

CVE-2023-32635 was published Jul 19, 2023

A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could... Moderate Unreviewed

CVE-2023-37200 was published Jul 12, 2023

A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could... Moderate Unreviewed

CVE-2023-2161 was published Jul 6, 2023

Zoho ManageEngine ADManager Plus before 7183 allows admin users to exploit an XXE issue to view... Moderate Unreviewed

CVE-2023-35786 was published Jul 5, 2023

Improper restriction of XML external entity reference (XXE) vulnerability exists in FRENIC RHC... Moderate Unreviewed

CVE-2023-29498 was published Jun 13, 2023

On Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, an unauthenticated attacker can... Moderate Unreviewed

CVE-2023-32706 was published Jun 1, 2023

A vulnerability classified as problematic was found in Weaver e-cology up to 9.0. Affected by... Moderate Unreviewed

CVE-2023-2806 was published May 19, 2023

Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine ... Moderate Unreviewed

CVE-2023-20173 was published May 18, 2023

Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine ... Moderate Unreviewed

CVE-2023-20174 was published May 18, 2023

Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user... Moderate Unreviewed

CVE-2022-45876 was published Apr 27, 2023

Zoho ManageEngine ServiceDesk Plus through 14104 allows admin users to conduct an XXE attack. Moderate Unreviewed

CVE-2023-29443 was published Apr 26, 2023

An XXE issue was discovered in Nokia NetAct before 22 FP2211 via an XML document to a Performance... Moderate Unreviewed

CVE-2023-26058 was published Apr 25, 2023

An XXE issue was discovered in Nokia NetAct before 22 FP2211 via an XML document to the... Moderate Unreviewed

CVE-2023-26057 was published Apr 25, 2023

All versions of Talend Data Catalog before 8.0-20230110 are potentially vulnerable to XML... Moderate Unreviewed

CVE-2023-26263 was published Apr 13, 2023

All versions of Talend Data Catalog before 8.0-20220907 are potentially vulnerable to XML... Moderate Unreviewed

CVE-2023-26264 was published Apr 13, 2023

A vulnerability has been identified in Polarion ALM (All versions < V2304.0). The application... Moderate Unreviewed

CVE-2023-28828 was published Apr 11, 2023

National land numerical information data conversion tool all versions improperly restricts XML... Moderate Unreviewed

CVE-2023-25955 was published Apr 11, 2023

Zoho ManageEngine Applications Manager through 16320 allows the admin user to conduct an XXE attack. Moderate Unreviewed

CVE-2023-28340 was published Apr 11, 2023

Previous 1 2 3 4 5 … 9 10 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

240 advisories