GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+
467 advisories
Filter by severity
Ucum-java has an XXE vulnerability in XML parsing
High
CVE-2024-55887
was published
for
org.fhir:ucum
(Maven)
Dec 13, 2024
SimpleSAMLphp xml-common XXE vulnerability
High
CVE-2024-52596
was published
for
simplesamlphp/xml-common
(Composer)
Dec 2, 2024
An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow...
High
Unreviewed
CVE-2024-11622
was published
Nov 27, 2024
An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow...
High
Unreviewed
CVE-2024-53675
was published
Nov 27, 2024
An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow...
High
Unreviewed
CVE-2024-53674
was published
Nov 27, 2024
Liferay Portal has an XXE vulnerability in Java2WsddTask._format
High
CVE-2024-25606
was published
for
com.liferay.portal:com.liferay.util.java
(Maven)
Feb 20, 2024
SimpleSAMLphp vulnerable to XXE in parsing SAML messages
High
GHSA-j5g2-q29x-cw3h
was published
for
simplesamlphp/simplesamlphp
(Composer)
Dec 2, 2024
•
withdrawn
Possible XML External Entity Injection
in iManager GET parameter has been discovered in...
High
Unreviewed
CVE-2023-24466
was published
Nov 22, 2024
XML2Dict XML Entity Expansion Vulnerability
High
CVE-2021-25951
was published
for
XML2Dict
(pip)
Jul 2, 2021
untangle vulnerable to Improper Restriction of XML External Entity Reference
High
CVE-2022-31471
was published
for
untangle
(pip)
Aug 6, 2022
XXE in PHPSpreadsheet's XLSX reader
High
CVE-2024-48917
was published
for
phpoffice/phpspreadsheet
(Composer)
Nov 18, 2024
XmlScanner bypass leads to XXE
High
CVE-2024-47873
was published
for
phpoffice/phpspreadsheet
(Composer)
Nov 18, 2024
GeoServer style upload functionality vulnerable to XML External Entity (XXE) injection
High
CVE-2023-26043
was published
for
GeoNode
(pip)
Aug 30, 2024
Guardrails AI vulnerable to Improper Restriction of XML External Entity Reference
High
CVE-2024-6961
was published
for
guardrails-ai
(pip)
Jul 21, 2024
XML External Entity vulnerability in Easy-XML
High
CVE-2020-26705
was published
for
easy-xml
(pip)
Nov 1, 2021
IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 is vulnerable to an...
High
Unreviewed
CVE-2024-39726
was published
Nov 15, 2024
Kimai has an XXE Leading to Local File Read
High
GHSA-534c-hcr7-67jg
was published
for
kimai/kimai
(Composer)
Sep 17, 2024
XXE vulnerability in XSLT parsing in `org.hl7.fhir.core`
High
CVE-2024-52007
was published
for
ca.uhn.hapi.fhir:org.hl7.fhir.dstu2016may
(Maven)
Nov 8, 2024
Zohocorp ManageEngine SharePoint Manager Plus versions 4503 and prior are vulnerable to...
High
Unreviewed
CVE-2024-10839
was published
Nov 8, 2024
PHPExcel XXE Vulnerability
High
CVE-2015-3542
was published
for
phpoffice/phpexcel
(Composer)
Nov 7, 2024
HAPI FHIR XML External Entity (XXE) vulnerability
High
CVE-2024-51132
was published
for
ca.uhn.hapi.fhir:org.hl7.fhir.convertors
(Maven)
Nov 5, 2024
ebookmeta XML External Entity vulnerability
High
CVE-2024-37388
was published
for
ebookmeta
(pip)
Jun 7, 2024
Improper Restriction of XML External Entity Reference in python-docx
High
CVE-2016-5851
was published
for
python-docx
(pip)
May 13, 2022
XML External Entity Injection in PyWPS
High
CVE-2021-39371
was published
for
pywps
(pip)
Sep 2, 2021
Pysaml2 does not sanitize XML responses
High
CVE-2016-10149
was published
for
pysaml2
(pip)
Jul 16, 2018
ProTip!
Advisories are also available from the
GraphQL API