GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
225 advisories
Filter by severity
HuTool XML parsing module has blind XXE vulnerability
High
CVE-2023-3276
was published
for
cn.hutool:hutool-core
(Maven)
Jun 15, 2023
Jenkins Visual Studio Code Metrics Plugin vulnerable to XML external entity (XXE) attacks
High
CVE-2023-28681
was published
for
org.jenkins-ci.plugins:vs-code-metrics
(Maven)
Apr 2, 2023
Jenkins Crap4J Plugin vulnerable to XML external entity (XXE) attacks
High
CVE-2023-28680
was published
for
org.jenkins-ci.plugins:crap4j
(Maven)
Apr 2, 2023
Jenkins Performance Publisher Plugin vulnerable to XML external entity (XXE) attacks
High
CVE-2023-28682
was published
for
org.jenkins-ci.plugins:perfpublisher
(Maven)
Apr 2, 2023
Jenkins Phabricator Differential Plugin vulnerable to XML external entity (XXE) attacks
High
CVE-2023-28683
was published
for
org.jenkins-ci.plugins:phabricator-plugin
(Maven)
Apr 2, 2023
Jenkins remote-jobs-view-plugin vulnerable to XML external entity attacks
High
CVE-2023-28684
was published
for
com.sap.jenkinsci:remote-jobs-view-plugin
(Maven)
Apr 2, 2023
XWiki Platform vulnerable to data leak via Improper Restriction of XML External Entity Reference
High
CVE-2023-27480
was published
for
org.xwiki.platform:xwiki-platform-xar-model
(Maven)
Mar 8, 2023
XML External Entity (XXE) vulnerability in apoc.import.graphml
Moderate
GHSA-9vx8-f5c4-862x
was published
for
org.neo4j.procedure:apoc
(Maven)
Feb 24, 2023
dd-plist XML External Entitly vulnerability
High
CVE-2016-15026
was published
for
com.googlecode.plist:dd-plist
(Maven)
Feb 20, 2023
java-xmlbuilder vulnerable to XML External Entity Reference
Critical
CVE-2014-125087
was published
for
com.jamesmurty.utils:java-xmlbuilder
(Maven)
Feb 19, 2023
XML External Entity (XXE) vulnerability in apoc.import.graphml
Moderate
CVE-2023-23926
was published
for
org.neo4j.procedure:apoc-core
(Maven)
Feb 16, 2023
XML External Entity Reference in ureport
High
CVE-2023-24187
was published
for
com.bstek.ureport:ureport2-core
(Maven)
Feb 14, 2023
XML External Entity Reference in Apache NiFi
High
CVE-2023-22832
was published
for
org.apache.nifi:nifi
(Maven)
Feb 10, 2023
Agent-to-controller security bypass in Jenkins Semantic Versioning Plugin
Critical
CVE-2023-24429
was published
for
org.jenkins-ci.plugins:semantic-versioning-plugin
(Maven)
Jan 26, 2023
XML external entity reference vulnerability on agents in Jenkins Semantic Versioning Plugin
Critical
CVE-2023-24430
was published
for
org.jenkins-ci.plugins:semantic-versioning-plugin
(Maven)
Jan 26, 2023
XML Entity Expansion in Jenkins TestComplete support Plugin
Critical
CVE-2023-24443
was published
for
org.jenkins-ci.plugins:TestComplete
(Maven)
Jan 26, 2023
dssp vulnerable to Improper Restriction of XML External Entity Reference
Critical
CVE-2016-15011
was published
for
be.e_contract.dssp:dssp-client
(Maven)
Jan 6, 2023
bonita-connector-webservice XML External Entity vulnerability
Critical
CVE-2020-36640
was published
for
org.bonitasoft.connectors:bonita-connector-webservice
(Maven)
Jan 5, 2023
aXMLRPC XML External Entity vulnerability
Critical
CVE-2020-36641
was published
for
fr.turri:aXMLRPC
(Maven)
Jan 5, 2023
iText RUPS XML External Entity vulnerability
Critical
CVE-2017-20151
was published
for
com.itextpdf:itext-rups
(Maven)
Dec 30, 2022
Jenkins Plot Plugin XML External Entity Reference vulnerability
High
CVE-2022-46682
was published
for
org.jenkins-ci.plugins:plot
(Maven)
Dec 12, 2022
XML External Entity Reference in Jenkins CCCC Plugin
Critical
CVE-2022-45395
was published
for
com.thalesgroup.jenkins-ci.plugins:cccc
(Maven)
Nov 16, 2022
XXE vulnerability on agents in Jenkins SourceMonitor Plugin
Moderate
CVE-2022-45396
was published
for
com.thalesgroup.hudson.plugins:sourcemonitor
(Maven)
Nov 16, 2022
XXE vulnerability on agents in Jenkins OSF Builder Suite : : XML Linter Plugin
Moderate
CVE-2022-45397
was published
for
org.jenkins-ci:update-center2
(Maven)
Nov 16, 2022
XXE vulnerability in Jenkins JAPEX Plugin
High
CVE-2022-45400
was published
for
org.jvnet.hudson.plugins:japex
(Maven)
Nov 16, 2022
ProTip!
Advisories are also available from the
GraphQL API