GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
695 advisories
Filter by severity
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application...
Moderate
Unreviewed
CVE-2024-4189
was published
Oct 16, 2024
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application...
Moderate
Unreviewed
CVE-2024-4184
was published
Oct 16, 2024
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application...
Moderate
Unreviewed
CVE-2024-4690
was published
Oct 16, 2024
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External Entity Injection ...
Moderate
Unreviewed
CVE-2024-45072
was published
Oct 16, 2024
When the XML is read from the codes in the PDF and parsed using a DocumentBuilder, the default...
Moderate
Unreviewed
CVE-2024-8602
was published
Oct 14, 2024
Dell AppSync Server, version 4.3 through 4.6, contains an XML External Entity Injection...
Low
Unreviewed
CVE-2024-39586
was published
Oct 9, 2024
TopQuadrant TopBraid EDG before version 8.0.1 allows an authenticated attacker to upload an XML...
Moderate
Unreviewed
CVE-2024-45745
was published
Sep 27, 2024
Improper Restriction of XML External Entity Reference vulnerability in SFS Consulting ww.Winsure...
Critical
Unreviewed
CVE-2024-7098
was published
Sep 16, 2024
An External XML Entity (XXE) vulnerability in the provisioning web service of Ivanti EPM before...
High
Unreviewed
CVE-2024-37397
was published
Sep 12, 2024
Loftware Spectrum before 4.6 HF14 allows authenticated XXE attacks.
High
Unreviewed
CVE-2023-37233
was published
Sep 10, 2024
An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length...
Critical
Unreviewed
CVE-2024-45490
was published
Aug 30, 2024
XML External Entity (XXE) vulnerability in Terminalfour 8.0.0001 through 8.3.18 and XML JDBC...
High
Unreviewed
CVE-2024-22218
was published
Aug 15, 2024
XXE in SmartDeviceServer in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to...
High
Unreviewed
CVE-2024-38653
was published
Aug 14, 2024
The "soap_cgi.pyc" API handler allows the XML body of SOAP requests to contain references to...
High
Unreviewed
CVE-2024-6893
was published
Aug 8, 2024
In versions of Akana API Platform prior to 2024.1.0 a flaw resulting in XML External Entity (XXE)...
Moderate
Unreviewed
CVE-2024-3930
was published
Jul 30, 2024
Improper Restriction of XML External Entity Reference vulnerability in PruvaSoft Informatics...
Moderate
Unreviewed
CVE-2024-5625
was published
Jul 18, 2024
IBM Engineering Requirements Management DOORS Web Access 9.7.2.8 is vulnerable to an XML External...
High
Unreviewed
CVE-2023-50304
was published
Jul 18, 2024
When the Kiuwan Local Analyzer uploads the scan results to the Kiuwan SAST web
application ...
High
Unreviewed
CVE-2023-49110
was published
Jun 20, 2024
IBM Engineering Requirements Management DOORS Next 7.0.2 and 7.0.3 is vulnerable to an XML...
High
Unreviewed
CVE-2023-45192
was published
Jun 6, 2024
An information disclosure vulnerability exists in Progress Telerik Report Server, version 2024 Q1...
Moderate
Unreviewed
CVE-2024-4357
was published
May 15, 2024
XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could...
High
Unreviewed
CVE-2024-3486
was published
May 15, 2024
Microsoft SharePoint Server Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2024-30043
was published
May 14, 2024
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure...
Moderate
Unreviewed
CVE-2023-51601
was published
May 3, 2024
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure...
Moderate
Unreviewed
CVE-2023-51600
was published
May 3, 2024
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure...
Moderate
Unreviewed
CVE-2023-51605
was published
May 3, 2024
ProTip!
Advisories are also available from the
GraphQL API