Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

322 advisories

Loading
In JetBrains TeamCity before 2024.12 insecure XMLParser configuration could lead to potential XXE... Moderate Unreviewed
CVE-2024-56356 was published Dec 20, 2024
Improper Restriction of XML External Entity Reference vulnerability in OpenText™ Operations... Moderate Unreviewed
CVE-2021-22501 was published Dec 19, 2024
SimpleSAMLphp SAML2 has an XXE in parsing SAML messages Moderate
CVE-2024-52806 was published for simplesamlphp/saml2 (Composer) Dec 2, 2024
ahacker1-securesaml
Microsoft SharePoint Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-49064 was published Dec 12, 2024
When the XML is read from the codes in the PDF and parsed using a DocumentBuilder, the default... Moderate Unreviewed
CVE-2024-8602 was published Oct 14, 2024
Acrobat Reader versions 24.005.20307, 24.001.30213, 24.001.30193, 20.005.30730, 20.005.30710 and... Moderate Unreviewed
CVE-2024-49535 was published Dec 10, 2024
unstructured XML External Entity (XXE) Moderate
CVE-2024-46455 was published for unstructured (pip) Dec 9, 2024
A vulnerability has been identified in COMOS V10.3 (All versions < V10.3.3.5.8), COMOS V10.4.0 ... Moderate Unreviewed
CVE-2024-49704 was published Dec 10, 2024
A vulnerability has been identified in COMOS V10.3 (All versions < V10.3.3.5.8), COMOS V10.4.0 ... Moderate Unreviewed
CVE-2024-54005 was published Dec 10, 2024
Due to missing validation of XML input, an unauthenticated attacker could send malicious input to... Moderate Unreviewed
CVE-2024-47582 was published Dec 10, 2024
Laravel v11.x was discovered to contain an XML External Entity (XXE) vulnerability. Moderate Unreviewed
CVE-2024-40075 was published Jul 22, 2024
A XML External Entity (XXE) vulnerability has been identified in Easy Tax Client Software 2023 1... Moderate Unreviewed
CVE-2024-9044 was published Nov 29, 2024
An XML External Entity (XXE) vulnerability in the Import object and Translation Memory import... Moderate Unreviewed
CVE-2024-50848 was published Nov 18, 2024
A vulnerability in the web UI of Cisco&nbsp;SD-WAN vManage Software could allow an authenticated,... Moderate Unreviewed
CVE-2020-26066 was published Nov 18, 2024
A vulnerability in the web UI of Cisco&nbsp;SD-WAN vManage Software could allow an authenticated,... Moderate Unreviewed
CVE-2021-1483 was published Nov 15, 2024
A blind XML External Entities (XXE) injection vulnerability in the Palo Alto Networks PAN-OS... Moderate Unreviewed
CVE-2024-5919 was published Nov 14, 2024
A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read... Moderate Unreviewed
CVE-2024-20531 was published Nov 6, 2024
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML external entity injection ... Moderate Unreviewed
CVE-2024-45086 was published Nov 4, 2024
e-Tax software Version3.0.10 and earlier improperly restricts XML external entity references (XXE... Moderate Unreviewed
CVE-2023-46802 was published Nov 6, 2023
Improper Restriction of XML External Entity Reference vulnerability in WP Royal Royal Elementor... Moderate Unreviewed
CVE-2024-50442 was published Oct 28, 2024
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application... Moderate Unreviewed
CVE-2024-4690 was published Oct 16, 2024
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application... Moderate Unreviewed
CVE-2024-4184 was published Oct 16, 2024
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application... Moderate Unreviewed
CVE-2024-4189 was published Oct 16, 2024
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External Entity Injection ... Moderate Unreviewed
CVE-2024-45072 was published Oct 16, 2024
Apache XML Graphics FOP XML External Entity Reference ('XXE') vulnerability Moderate
CVE-2024-28168 was published for org.apache.xmlgraphics:fop-core (Maven) Oct 9, 2024
westonsteimel
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database