Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

298 advisories

Loading
XML External Entities Vulnerability in CVRF-CSAF-Converter Moderate
CVE-2022-27193 was published for cvrf2csaf (pip) Mar 16, 2022
A XML Extended entity vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10... Moderate Unreviewed
CVE-2022-0861 was published Mar 24, 2022
Improper Restriction of XML External Entity Reference in wutka jox Moderate
CVE-2021-43142 was published for com.wutka:jox (Maven) Apr 1, 2022
When opening a malicious solution file provided by an attacker, the application suffers from an... Moderate Unreviewed
CVE-2022-1018 was published Apr 3, 2022
A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could... Moderate Unreviewed
CVE-2022-0221 was published Apr 14, 2022
The affected product is vulnerable to a network-based attack by threat actors supplying a crafted... Moderate Unreviewed
CVE-2021-43990 was published Apr 21, 2022
Arbitrary file access through XML parsing in org.xwiki.commons:xwiki-commons-xml Moderate
CVE-2022-24898 was published for org.xwiki.commons:xwiki-commons-xml (Maven) Apr 28, 2022
BC-BMT-BPM-DSK in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML... Moderate Unreviewed
CVE-2016-9563 was published Apr 30, 2022
The Adobe Reader control in Adobe Reader and Acrobat 7.0 and 7.0.1 allows remote attackers to... Moderate Unreviewed
CVE-2005-1306 was published May 1, 2022
In four instances DMARS (All versions prior to v2.1.10.24) does not properly restrict references... Moderate Unreviewed
CVE-2022-1331 was published May 4, 2022
Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice... Moderate Unreviewed
CVE-2012-0037 was published May 4, 2022
Talend Administration Center has a vulnerability that allows an authenticated user to use XML... Moderate Unreviewed
CVE-2022-29943 was published May 5, 2022
expat 2.1.0 and earlier does not properly handle entities expansion unless an application... Moderate Unreviewed
CVE-2013-0340 was published May 5, 2022
Improper Restriction of XML External Entity Reference in Castor Moderate
CVE-2014-3004 was published for org.codehaus.castor:castor (Maven) May 13, 2022
In Single Sign-On for Pivotal Cloud Foundry (PCF) 1.3.x versions prior to 1.3.4 and 1.4.x... Moderate Unreviewed
CVE-2017-8040 was published May 13, 2022
XML external entity (XXE) vulnerability in com.sap.km.cm.ice in SAP NetWeaver AS JAVA 7.5 allows... Moderate Unreviewed
CVE-2017-11457 was published May 13, 2022
XML external entity (XXE) vulnerability in Geist WatchDog Console 3.2.2 allows remote... Moderate Unreviewed
CVE-2018-10077 was published May 13, 2022
Moodle Arbitrary File Read via XML External Entity vulnerability Moderate
CVE-2014-3543 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
IBM Security Access Manager for Web is vulnerable to a denial of service, caused by an XML... Moderate Unreviewed
CVE-2016-3027 was published May 13, 2022
Apache POI's XLSX2CSV Example XML External Entity (XXE) Vulnerability Moderate
CVE-2016-5000 was published for org.apache.poi:poi-examples (Maven) May 13, 2022
A vulnerability in the web-based user interface of the Cisco Secure Access Control Server prior... Moderate Unreviewed
CVE-2018-0218 was published May 13, 2022
A vulnerability in the web-based user interface of the Cisco Secure Access Control Server prior... Moderate Unreviewed
CVE-2018-0207 was published May 13, 2022
The _clone function in XML::LibXML before 2.0119 does not properly set the expand_entities option... Moderate Unreviewed
CVE-2015-3451 was published May 13, 2022
A vulnerability in the web-based user interface of Cisco Internet of Things Field Network... Moderate Unreviewed
CVE-2019-1698 was published May 13, 2022
External Entity Attack vulnerability in the ePO extension in McAfee Common UI (CUI) 2.0.2 allows... Moderate Unreviewed
CVE-2018-6670 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database