Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,049 advisories

Loading
OWSLib vulnerable to XML External Entity (XXE) Injection High
CVE-2023-27476 was published for OWSLib (pip) Mar 7, 2023
jorgectf
Improper Restriction of XML External Entity Reference in Openpyxl Moderate
CVE-2017-5992 was published for openpyxl (pip) May 17, 2022
chenghlee
XXE in PHPSpreadsheet's XLSX reader High
CVE-2024-45293 was published for phpoffice/phpspreadsheet (Composer) Oct 7, 2024
0xshade ixSly
Dell AppSync Server, version 4.3 through 4.6, contains an XML External Entity Injection... Low Unreviewed
CVE-2024-39586 was published Oct 9, 2024
Improper Restriction of XML External Entity Reference in pikepdf High
CVE-2021-29421 was published for pikepdf (pip) Apr 20, 2021
XXE in petl High
CVE-2020-29128 was published for petl (pip) Dec 2, 2020
nvn1729
An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in... Moderate Unreviewed
CVE-2023-5136 was published Nov 8, 2023
Apache XML Graphics FOP XML External Entity Reference ('XXE') vulnerability Moderate
CVE-2024-28168 was published for org.apache.xmlgraphics:fop-core (Maven) Oct 9, 2024
westonsteimel
XML External Entity Reference in Apache NiFi High
CVE-2023-22832 was published for org.apache.nifi:nifi-ccda-processors (Maven) Feb 10, 2023
exceptionfactory
Improper Restriction of XML External Entity Reference in Plone High
CVE-2020-28736 was published for Plone (pip) Apr 7, 2021
XML external entity injection in Terracotta Quartz Scheduler Critical
CVE-2019-13990 was published for org.quartz-scheduler:quartz (Maven) Jul 1, 2020
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External Entity Injection ... Moderate Unreviewed
CVE-2024-45072 was published Oct 16, 2024
Improper Restriction of XML External Entity Reference in Quokka Critical
CVE-2020-18703 was published for quokka (pip) Aug 30, 2021
Improper Restriction of XML External Entity Reference in Quokka Critical
CVE-2020-18705 was published for quokka (pip) Aug 30, 2021
Improper Restriction of XML External Entity Reference in Plone High
CVE-2020-28734 was published for Plone (pip) Apr 7, 2021
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application... Moderate Unreviewed
CVE-2024-4189 was published Oct 16, 2024
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application... Moderate Unreviewed
CVE-2024-4184 was published Oct 16, 2024
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application... Moderate Unreviewed
CVE-2024-4690 was published Oct 16, 2024
PyAMF vulnerable to XML external entity (XXE) High
CVE-2015-8549 was published for pyamf (pip) May 24, 2022
Pysaml2 does not sanitize XML responses High
CVE-2016-10149 was published for pysaml2 (pip) Jul 16, 2018
PySAML2 XML external entity attack Critical
CVE-2016-10127 was published for pysaml2 (pip) May 17, 2022
jhutchings1
XML External Entity Injection in PyWPS High
CVE-2021-39371 was published for pywps (pip) Sep 2, 2021
tdunlap607
Improper Restriction of XML External Entity Reference in python-docx High
CVE-2016-5851 was published for python-docx (pip) May 13, 2022
tdunlap607
Improper Restriction of XML External Entity Reference vulnerability in WP Royal Royal Elementor... Moderate Unreviewed
CVE-2024-50442 was published Oct 28, 2024
SVGlib Vulnerable to XXE Attacks Critical
CVE-2020-10799 was published for svglib (pip) May 6, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database