GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,135
Composer 4,081
Erlang 29
GitHub Actions 19
Go 1,909
Maven 5,106
npm 3,642
NuGet 638
pip 3,258
Pub 10
RubyGems 869
Rust 820
Swift 35

Unreviewed advisories

All unreviewed 228,998

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

298 advisories

Filter by severity

Sort by

Least recently updated

Windows Performance Monitor in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1,... Moderate Unreviewed

CVE-2017-0170 was published May 17, 2022

XXE in Dive Assistant - Template Builder in Blackwave Dive Assistant - Desktop Edition 8.0 allows... Moderate Unreviewed

CVE-2017-8918 was published May 17, 2022

XML external entity (XXE) vulnerability in bkr/server/jobs.py in Beaker before 20.1 allows remote... Moderate Unreviewed

CVE-2015-3160 was published May 17, 2022

Improper Restriction of XML External Entity Reference in Apache POI Moderate

CVE-2014-3529 was published for org.apache.poi:poi (Maven) May 17, 2022

phpMyAdmin vulnerable to XML external entity (XXE) injection attack Moderate

CVE-2011-4107 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022

XML External Entity via ".AOP" files used by Moxa MX-AOPC Server 1.5 result in remote file... Moderate Unreviewed

CVE-2017-7457 was published May 17, 2022

XML External Entity (XXE) vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and IBM... Moderate Unreviewed

CVE-2015-0194 was published May 17, 2022

VMware vSphere Client 5.5 before U3e and 6.0 before U2a allows remote vCenter Server and ESXi... Moderate Unreviewed

CVE-2016-7458 was published May 17, 2022

IBM Tivoli Endpoint Manager is vulnerable to a XML External Entity Injection (XXE) attack when... Moderate Unreviewed

CVE-2017-1219 was published May 17, 2022

An XML External Entity vulnerability in Cisco WebEx Meetings Server could allow an authenticated,... Moderate Unreviewed

CVE-2017-3811 was published May 17, 2022

An Improper XML Parser Configuration issue was discovered in Schneider Electric Wonderware... Moderate Unreviewed

CVE-2017-7907 was published May 17, 2022

IBM Cognos Business Intelligence 10.1 and 10.2 is vulnerable to a denial of service, caused by an... Moderate Unreviewed

CVE-2016-0254 was published May 17, 2022

An XML External Entity Injection vulnerability in Juniper Networks Junos Space versions prior to... Moderate Unreviewed

CVE-2017-2308 was published May 17, 2022

XXE vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Replication Manager... Moderate Unreviewed

CVE-2017-9295 was published May 17, 2022

WatchGuard Fireware v11.12.1 and earlier mishandles requests referring to an XML External Entity ... Moderate Unreviewed

CVE-2017-8056 was published May 17, 2022

NetIQ Access Manager 4.1 before 4.1.2 HF 1 and 4.2 before 4.2.2 was parsing incoming SAML... Moderate Unreviewed

CVE-2016-5749 was published May 17, 2022

External Entity Processing (XXE) vulnerability in the "risk score" application of NetIQ Access... Moderate Unreviewed

CVE-2016-5748 was published May 17, 2022

XML entity injection in Junos Space before 15.2R2 allows attackers to cause a denial of service. Moderate Unreviewed

CVE-2016-4931 was published May 17, 2022

XML External Entity (XXE) vulnerability in Grails PDF Plugin 0.6 allows remote attackers to read... Moderate Unreviewed

CVE-2017-6344 was published May 17, 2022

XML external entity vulnerability in PRTG Network Monitor before 16.2.23.3077/3078 allows remote... Moderate Unreviewed

CVE-2015-7743 was published May 17, 2022

ZendXml and Zend Framework contain XXE and XEE Vulnerabilities Moderate

CVE-2015-5161 was published for zendframework/zendframework (Composer) May 17, 2022

The XML parser in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0... Moderate Unreviewed

CVE-2016-0284 was published May 17, 2022

XML External Entity Reference in RESTEasy Moderate

CVE-2014-7839 was published for org.jboss.resteasy:resteasy-jaxrs (Maven) May 17, 2022

Apache Solr UpdateRequestHandler for XML resolves XML External Entities Moderate

CVE-2013-6407 was published for org.apache.solr:solr-core (Maven) May 17, 2022

PHPExcel vulnerable to XXE attacks through libxml Moderate

CVE-2014-2054 was published for phpoffice/phpexcel (Composer) May 17, 2022

Previous 1 2 3 4 5 6 7 … 11 12 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

298 advisories