Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

90 advisories

Loading
ZendFramework vulnerable to XXE/XEE attacks Critical
GHSA-f4fj-q6m4-cc52 was published for zendframework/zend-xmlrpc (Composer) Jun 7, 2024
ZendFramework potential XML eXternal Entity injection vectors Critical
GHSA-mhpx-3rv8-wrjm was published for zendframework/zendframework1 (Composer) Jun 7, 2024
Zendframework Denial of Service vector via XEE injection High
GHSA-2jx7-xg83-j2m7 was published for zendframework/zendframework1 (Composer) Jun 7, 2024
Zend-JSON vulnerable to XXE/XEE attacks Critical
GHSA-8x2v-pcg7-94f4 was published for zendframework/zend-json (Composer) Jun 7, 2024
~/.config/apport/settings parsing is vulnerable to "billion laughs" attack Moderate Unreviewed
CVE-2022-28652 was published Jun 5, 2024
Hitachi Vantara Pentaho Business Analytics Server versions before 10.1.0.0 and 9.3.0.7, including... High Unreviewed
CVE-2024-28982 was published Jun 27, 2024
Toshiba printers use XML communication for the API endpoint provided by the printer. For the... Moderate Unreviewed
CVE-2024-27141 was published Jun 14, 2024
Toshiba printers use XML communication for the API endpoint provided by the printer. For the... Moderate Unreviewed
CVE-2024-27142 was published Jun 14, 2024
ebookmeta XML External Entity vulnerability High
CVE-2024-36827 was published for ebookmeta (pip) Jun 7, 2024
Feedgen Vulnerable to XML Denial of Service Attacks Moderate
CVE-2020-5227 was published for feedgen (pip) Jan 28, 2020
ebookmeta XML External Entity vulnerability High
CVE-2024-37388 was published for ebookmeta (pip) Jun 7, 2024
untangle vulnerable to XML Entity Expansion High
CVE-2022-33977 was published for untangle (pip) Aug 6, 2022
XML2Dict XML Entity Expansion Vulnerability High
CVE-2021-25951 was published for XML2Dict (pip) Jul 2, 2021
A vulnerability in the dashboard widget of Cisco Firepower Management Center (FMC) Software could... Moderate Unreviewed
CVE-2021-1267 was published May 24, 2022
REXML denial of service vulnerability High
CVE-2024-43398 was published for rexml (RubyGems) Aug 22, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database