Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

298 advisories

Loading
TopQuadrant TopBraid EDG before version 8.0.1 allows an authenticated attacker to upload an XML... Moderate Unreviewed
CVE-2024-45745 was published Sep 27, 2024
SAP Business One (B1i) - version 10.0, allows an authorized attacker to retrieve the details... Moderate Unreviewed
CVE-2023-41365 was published Oct 10, 2023
XML External Entity Reference in Glances Moderate
CVE-2021-23418 was published for Glances (pip) Aug 9, 2021
An issue was discovered in OverIT Geocall before version 8.0. An authenticated user who has the... Moderate Unreviewed
CVE-2022-22835 was published Mar 11, 2022
Kimai has an XXE Leading to Local File Read Moderate
GHSA-534c-hcr7-67jg was published for kimai/kimai (Composer) Sep 17, 2024
ixSly
Electronic Deliverables Creation Support Tool (Construction Edition) prior to Ver1.0.4 and... Moderate Unreviewed
CVE-2024-21796 was published Jan 24, 2024
GeoServer style upload functionality vulnerable to XML External Entity (XXE) injection Moderate
CVE-2023-26043 was published for GeoNode (pip) Aug 30, 2024
jorgectf
ClassGraph XML External Entity Reference Moderate
CVE-2021-47621 was published for io.github.classgraph:classgraph (Maven) Jun 21, 2024
Improper restriction of XML external entity references vulnerability exists in FitNesse all... Moderate Unreviewed
CVE-2024-28039 was published Mar 18, 2024
Guardrails AI vulnerable to Improper Restriction of XML External Entity Reference Moderate
CVE-2024-6961 was published for guardrails-ai (pip) Jul 21, 2024
In versions of Akana API Platform prior to 2024.1.0 a flaw resulting in XML External Entity (XXE)... Moderate Unreviewed
CVE-2024-3930 was published Jul 30, 2024
Improper Restriction of XML External Entity Reference vulnerability in PruvaSoft Informatics... Moderate Unreviewed
CVE-2024-5625 was published Jul 18, 2024
XML External Entity (XXE) in Django Moderate
CVE-2013-1665 was published for Django (pip) May 17, 2022
MarkLee131
XML Entity Expansion (XEE) in Django Moderate
CVE-2013-1664 was published for Django (pip) May 17, 2022
MarkLee131
An information disclosure vulnerability exists in Progress Telerik Report Server, version 2024 Q1... Moderate Unreviewed
CVE-2024-4357 was published May 15, 2024
OpenStack Swift XML external entities (XXE) Injection Moderate
CVE-2022-47950 was published for swift (pip) Jan 18, 2023
Microsoft SharePoint Server Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-30043 was published May 14, 2024
The Spreadsheet::ParseXLSX package before 0.30 for Perl allows XXE attacks because it neglects to... Moderate Unreviewed
CVE-2024-23525 was published Jan 18, 2024
codehaus-plexus vulnerable to XML injection Moderate
CVE-2022-4245 was published for org.codehaus.plexus:plexus-utils (Maven) Sep 25, 2023
Voltronic Power ViewPower Pro doDocument XML External Entity Processing Information Disclosure... Moderate Unreviewed
CVE-2023-51591 was published May 3, 2024
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure... Moderate Unreviewed
CVE-2023-51605 was published May 3, 2024
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure... Moderate Unreviewed
CVE-2023-51600 was published May 3, 2024
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure... Moderate Unreviewed
CVE-2023-51601 was published May 3, 2024
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure... Moderate Unreviewed
CVE-2023-51602 was published May 3, 2024
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure... Moderate Unreviewed
CVE-2023-51604 was published May 3, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database