Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

298 advisories

Loading
SLD Registration of ABAP Platform allows an attacker to prevent legitimate users from accessing a... Moderate Unreviewed
CVE-2019-0265 was published May 14, 2022
Processing Foundation Processing version 3.4 and earlier contains a XML External Entity (XXE)... Moderate Unreviewed
CVE-2018-1000840 was published May 14, 2022
The Upload add-on resource in Atlassian Universal Plugin Manager before version 2.22.14 allows... Moderate Unreviewed
CVE-2018-20233 was published May 14, 2022
S3 Browser before 8.1.5 contains an XML external entity (XXE) vulnerability, allowing remote... Moderate Unreviewed
CVE-2018-20298 was published May 14, 2022
The SaveUserSettings service in Content Manager in SDL Web 8.5.0 has an XXE Vulnerability that... Moderate Unreviewed
CVE-2018-19371 was published May 14, 2022
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS)... Moderate Unreviewed
CVE-2018-8532 was published May 14, 2022
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS)... Moderate Unreviewed
CVE-2018-8533 was published May 14, 2022
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS)... Moderate Unreviewed
CVE-2018-8527 was published May 14, 2022
Xovis PC2, PC2R, and PC3 devices through 3.6.0 allow XXE. Moderate Unreviewed
CVE-2018-11719 was published May 14, 2022
XML External Entity processing vulnerability in Jenkins Black Duck Hub Plugin Moderate
CVE-2018-1000198 was published for com.blackducksoftware.integration:blackduck-hub (Maven) May 14, 2022
ModbusPal 1.6b is vulnerable to an XML External Entity (XXE) attack. Projects are saved as .xmpp... Moderate Unreviewed
CVE-2018-10832 was published May 14, 2022
Digital Guardian Management Console 7.1.2.0015 has an XXE issue. Moderate Unreviewed
CVE-2018-10175 was published May 14, 2022
The Upload File functionality in upload.jspa in Aurea Jive Jive-n 9.0.2.1 On-Premises allows for... Moderate Unreviewed
CVE-2018-5758 was published May 14, 2022
XML external entity (XXE) vulnerability in IBM InfoSphere Information Governance Catalog 11.3... Moderate Unreviewed
CVE-2016-0250 was published May 14, 2022
An XML external entity injection (XXE) vulnerability in Trend Micro Email Encryption Gateway 5.5... Moderate Unreviewed
CVE-2018-6225 was published May 14, 2022
XML external entity (XXE) vulnerability in IBM Financial Transaction Manager (FTM) for ACH... Moderate Unreviewed
CVE-2016-0268 was published May 14, 2022
XML external entity (XXE) vulnerability in IBM Forms Experience Builder 8.5, 8.5.1, and 8.6... Moderate Unreviewed
CVE-2016-0369 was published May 14, 2022
A external entity processing information disclosure (XXE) vulnerability in Trend Micro Control... Moderate Unreviewed
CVE-2018-3600 was published May 14, 2022
Multiple XML external entity (XXE) vulnerabilities in the AiCloud feature on ASUS DSL-AC51, DSL... Moderate Unreviewed
CVE-2017-14699 was published May 14, 2022
XML external entity (XXE) vulnerability in IBM Rational Team Concert 3.0 before 3.0.1.6 iFix7... Moderate Unreviewed
CVE-2016-0219 was published May 14, 2022
TablePress prior to version 1.8.1 allows an attacker to conduct XML External Entity (XXE) attacks... Moderate Unreviewed
CVE-2017-10889 was published May 17, 2022
XXE in Diving Log 6.0 allows attackers to remotely view local files through a crafted dive.xml... Moderate Unreviewed
CVE-2017-9095 was published May 17, 2022
tasks/feed/readRSS.cfm in Mura CMS before 6.2 allows attackers to bypass intended access... Moderate Unreviewed
CVE-2017-15639 was published May 17, 2022
XML External Entity Reference in Apache NiFi Moderate
CVE-2017-12623 was published for org.apache.nifi:nifi (Maven) May 17, 2022
Umbraco CMS XXE Vulnerability Moderate
CVE-2017-15280 was published for UmbracoCms.Web (NuGet) May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database