GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,990
Composer 4,293
Erlang 31
GitHub Actions 21
Go 2,061
Maven 5,239
npm 3,744
NuGet 668
pip 3,423
Pub 12
RubyGems 892
Rust 875
Swift 36

Unreviewed advisories

All unreviewed 239,480

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,049 advisories

Filter by severity

Sort by

Least recently updated

IBM InfoSphere Information Server 9.1, 11.3, and 11.5 is vulnerable to a XML External Entity... Critical Unreviewed

CVE-2017-1383 was published May 17, 2022

An XML external entity (XXE) injection vulnerability in Magicpin v3.4 allows attackers to access... High Unreviewed

CVE-2022-31447 was published Jun 15, 2022

ASG technologies ( A Rocket Software Company) ASG-Zena Cross Platform Server Enterprise Edition 4... Critical Unreviewed

CVE-2021-45024 was published Jun 18, 2022

A vulnerability has been identified in Mendix SAML Module (Mendix 7 compatible) (All versions <... High Unreviewed

CVE-2022-32285 was published Jun 15, 2022

XML eXternal Entity (XXE) in OBDA systems’ Mastro 1.0 allows remote attackers to read system... High Unreviewed

CVE-2021-40510 was published Jun 22, 2022

IBM MQ 8.0, (9.0, 9.1, 9.2 LTS), and (9.1 and 9.2 CD) are vulnerable to an XML External Entity... Critical Unreviewed

CVE-2022-22489 was published Aug 20, 2022

An Improper XML Parser Configuration issue was discovered in Schneider Electric Wonderware... Moderate Unreviewed

CVE-2017-7907 was published May 17, 2022

SysAid - Okta SSO integration - was found vulnerable to XML External Entity Injection... Critical Unreviewed

CVE-2022-23170 was published Jun 25, 2022

IBM API Connect 5.0.6.0 is vulnerable to an XML External Entity Injection (XXE) attack when... High Unreviewed

CVE-2017-1322 was published May 17, 2022

Vulnerability that affects org.springframework.ws:spring-ws and org.springframework.ws:spring-xml Critical

CVE-2019-3773 was published for org.springframework.ws:spring-ws (Maven) Jan 25, 2019

Due to improper input sanitization of XML input in SAP Business One - version 10.0, an attacker... High Unreviewed

CVE-2022-35168 was published Jul 13, 2022

IBM Security Guardium 10.0 is vulnerable to a XML External Entity Injection (XXE) attack when... High Unreviewed

CVE-2017-1254 was published May 17, 2022

XML External Entity Reference in Eclipse Lyo Moderate

CVE-2021-41042 was published for org.eclipse.lyo:lyo-parent (Maven) Jul 8, 2022

An XML External Entity vulnerability in Cisco WebEx Meetings Server could allow an authenticated,... Moderate Unreviewed

CVE-2017-3811 was published May 17, 2022

Hudson XML API susceptible to External Entity Injection Vunerability prior to v3.3.2 Critical

CVE-2015-8031 was published for org.jvnet.hudson.main:hudson-core (Maven) Jul 15, 2022

XML external entity (XXE) vulnerability in Citrix XenMobile Server 9.x and 10.x before 10.5 RP3... High Unreviewed

CVE-2017-9231 was published May 17, 2022

IBM Curam Social Program Management 6.0 and 7.0 are vulnerable to a denial of service, caused by... Critical Unreviewed

CVE-2016-6111 was published May 17, 2022

IBM Cognos Business Intelligence 10.1 and 10.2 is vulnerable to a denial of service, caused by an... Moderate Unreviewed

CVE-2016-0254 was published May 17, 2022

An XML External Entity (XXE) issue exists in OSCI-Transport 1.2 as used in OSCI Transport Library... Critical Unreviewed

CVE-2017-10670 was published May 17, 2022

IBM Rhapsody DM 4.0, 5.0, and 6.0 is vulnerable to a denial of service, caused by an XML External... High Unreviewed

CVE-2016-9698 was published May 17, 2022

An XML External Entity Injection vulnerability in Juniper Networks Junos Space versions prior to... Moderate Unreviewed

CVE-2017-2308 was published May 17, 2022

IBM WebSphere Cast Iron Solution 7.0.0 and 7.5.0.0 is vulnerable to a denial of service, caused... High Unreviewed

CVE-2016-9691 was published May 17, 2022

Insufficient user input in Apache Jetspeed-2 Critical

CVE-2022-32533 was published for org.apache.portals.jetspeed-2:jetspeed-commons (Maven) Jul 7, 2022

XML external entity (XXE) vulnerability in eParakstitajs 3 before 1.3.9 and eParaksts Java lib... High Unreviewed

CVE-2017-6055 was published May 17, 2022

IBM QRadar 7.2 is vulnerable to a denial of service, caused by an XML External Entity Injection ... High Unreviewed

CVE-2016-9724 was published May 17, 2022

Previous 1 2 3 4 5 6 … 41 42 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,049 advisories