GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
298 advisories
Filter by severity
Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice...
Moderate
Unreviewed
CVE-2012-0037
was published
May 4, 2022
The Adobe Reader control in Adobe Reader and Acrobat 7.0 and 7.0.1 allows remote attackers to...
Moderate
Unreviewed
CVE-2005-1306
was published
May 1, 2022
The XML parser in Magic xpi Integration Platform 4.13.4 allows XXE attacks, e.g., via onItemImport.
Moderate
Unreviewed
CVE-2023-52239
was published
Feb 6, 2024
Information disclosure through processing of external XML entities
Moderate
CVE-2019-8126
was published
for
magento/community-edition
(Composer)
Nov 12, 2019
phpMyAdmin vulnerable to XML external entity (XXE) injection attack
Moderate
CVE-2011-4107
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
Electronic Delivery Check System (Ministry of Agriculture, Forestry and Fisheries The Agriculture...
Moderate
Unreviewed
CVE-2024-22380
was published
Jan 24, 2024
Electronic Delivery Check System (Doboku) Ver.18.1.0 and earlier, Electronic Delivery Check...
Moderate
Unreviewed
CVE-2024-21765
was published
Jan 24, 2024
ZendXml and Zend Framework contain XXE and XEE Vulnerabilities
Moderate
CVE-2015-5161
was published
for
zendframework/zendframework
(Composer)
May 17, 2022
On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A...
Moderate
Unreviewed
CVE-2023-20052
was published
Mar 1, 2023
When SEW-EURODRIVE MOVITOOLS MotionStudio processes XML information unrestricted file access can...
Moderate
Unreviewed
CVE-2024-1167
was published
Feb 1, 2024
Path traversal allows exploiting XXE vulnerability in Jenkins Job Configuration History Plugin
Moderate
CVE-2023-41932
was published
for
org.jenkins-ci.plugins:jobConfigHistory
(Maven)
Sep 6, 2023
XML External Entity processing vulnerability in Jenkins Black Duck Hub Plugin
Moderate
CVE-2018-1000198
was published
for
com.blackducksoftware.integration:blackduck-hub
(Maven)
May 14, 2022
Improper Restriction of XML External Entity Reference vulnerability in OpenText AppBuilder on...
Moderate
Unreviewed
CVE-2023-4554
was published
Jan 29, 2024
A vulnerability in the module import function of the administrative interface of Cisco Firepower...
Moderate
Unreviewed
CVE-2022-20938
was published
Nov 16, 2022
Qualys Jenkins Plugin for Policy Compliance XML External Entity vulnerability
Moderate
CVE-2023-6147
was published
for
com.qualys.plugins:qualys-pc
(Maven)
Jan 9, 2024
Moodle Arbitrary File Read via XML External Entity vulnerability
Moderate
CVE-2014-3543
was published
for
moodle/moodle
(Composer)
May 13, 2022
Qualys Jenkins Plugin for WAS XML External Entity vulnerability
Moderate
CVE-2023-6149
was published
for
com.qualys.plugins:qualys-was
(Maven)
Jan 9, 2024
Zend Framework XXE Vulnerability
Moderate
CVE-2012-5657
was published
for
zendframework/zendframework1
(Composer)
May 17, 2022
An unauthenticated could abuse a XXE vulnerability in the Smart Device Server to leak data or...
Moderate
Unreviewed
CVE-2023-46265
was published
Dec 19, 2023
XXE vulnerability in Jenkins Subversion Plugin
Moderate
CVE-2020-2304
was published
for
org.jenkins-ci.plugins:subversion
(Maven)
May 24, 2022
Apache Camel XML External Entity vulnerability
Moderate
CVE-2015-0263
was published
for
org.apache.camel:camel-core
(Maven)
Oct 16, 2018
WSO2 products vulnerable to XML External Entity attack
Moderate
CVE-2023-6836
was published
for
org.wso2.am:wso2am
(Maven)
Dec 15, 2023
XXE vulnerability in Jenkins Visualworks Store Plugin
Moderate
CVE-2020-2315
was published
for
org.jenkins-ci.plugins:visualworks-store
(Maven)
May 24, 2022
XXE vulnerability in Jenkins Mercurial Plugin
Moderate
CVE-2020-2305
was published
for
org.jenkins-ci.plugins:mercurial
(Maven)
May 24, 2022
Duplicate Advisory: Eclipse IDE XXE in eclipse.platform
Moderate
GHSA-cc4w-3cff-j8fw
was published
for
org.eclipse.platform:eclipse.platform
(Maven)
Nov 9, 2023
•
withdrawn
ProTip!
Advisories are also available from the
GraphQL API