GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
316 advisories
IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to an XML External Entity Injection (XXE...
High
Unreviewed
CVE-2018-1844
was published
May 13, 2022
IBM WebSphere Application Server 9.0.0.0 through 9.0.0.9 is vulnerable to an XML External Entity...
High
Unreviewed
CVE-2018-1905
was published
May 13, 2022
IBM Marketing Platform 9.1.0, 9.1.2 and 10.1 is vulnerable to an XML External Entity Injection ...
High
Unreviewed
CVE-2018-1920
was published
May 13, 2022
IBM Security Identity Manager 7.0.1 is vulnerable to an XML External Entity Injection (XXE) attack...
High
Unreviewed
CVE-2018-1970
was published
May 13, 2022
SAP Business Process Automation (BPA) By Redwood does not sufficiently validate an XML document...
High
Unreviewed
CVE-2018-2401
was published
May 13, 2022
IBM Security Identity Manager 6.0.0 Virtual Appliance is vulnerable to an XML External Entity...
High
Unreviewed
CVE-2018-2019
was published
May 13, 2022
In Eclipse Kura versions up to 4.0.0, the Web UI package and component services, the Artemis...
High
Unreviewed
CVE-2019-10244
was published
May 13, 2022
IBM Sterling B2B Integrator Standard Edition 5.2.0 and 6.0.0.0 is vulnerable to an XML External...
High
Unreviewed
CVE-2019-4043
was published
May 13, 2022
The Office Open XML (OOXML) feature in Adobe ColdFusion 10 before Update 21 and 11 before Update...
High
Unreviewed
CVE-2016-4264
was published
May 13, 2022
Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have...
High
Unreviewed
CVE-2018-4942
was published
May 13, 2022
Adobe ColdFusion has an XML external entity (XXE) injection vulnerability. This affects Update 4...
High
Unreviewed
CVE-2017-11286
was published
May 13, 2022
IBM Security Access Manager Appliance 9.0.3 is vulnerable to an XML External Entity Injection (XXE...
High
Unreviewed
CVE-2017-1477
was published
May 13, 2022
Dell EMC Data Protection Advisor, versions 6.2, 6,3, 6.4, 6.5 and Dell EMC Integrated Data...
High
Unreviewed
CVE-2018-11048
was published
May 13, 2022
ModSecurity before 2.7.3 allows remote attackers to read arbitrary files, send HTTP requests to...
High
Unreviewed
CVE-2013-1915
was published
May 13, 2022
An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15...
High
Unreviewed
CVE-2018-13823
was published
May 13, 2022
SAML 2.0 functionality in SAP NetWeaver AS Java, does not sufficiently validate XML documents...
High
Unreviewed
CVE-2018-2492
was published
May 13, 2022
The Visual Composer VC70RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote...
High
Unreviewed
CVE-2017-8913
was published
May 13, 2022
xmlsec 1.2.23 and before is vulnerable to XML External Entity Expansion when parsing crafted...
High
Unreviewed
CVE-2017-1000061
was published
May 13, 2022
XML External Entity vulnerability in libexpat 2.2.0 and earlier (Expat XML Parser Library) allows...
High
Unreviewed
CVE-2017-9233
was published
May 13, 2022
An XXE issue was discovered in Automated Logic Corporation (ALC) Liebert SiteScan Web Version 6.5...
High
Unreviewed
CVE-2016-5795
was published
May 13, 2022
An XXE issue was discovered in Automated Logic Corporation (ALC) WebCTRL Versions 6.0, 6.1 and 6...
High
Unreviewed
CVE-2018-8819
was published
May 13, 2022
Schneider Electric SoMachine Basic prior to v1.6 SP1 suffers from an XML External Entity (XXE)...
High
Unreviewed
CVE-2018-7783
was published
May 13, 2022
An XML external entity (XXE) vulnerability exists in the import.cgi of the web interface component...
High
Unreviewed
CVE-2018-7230
was published
May 13, 2022
An exploitable XML external entity vulnerability exists in the reporting functionality of SAP BPC...
High
Unreviewed
CVE-2017-16349
was published
May 13, 2022
An exploitable XML entity injection vulnerability exists in OpenFire User Import Export Plugin 2...
High
Unreviewed
CVE-2017-2815
was published
May 13, 2022
ProTip! Advisories are also available from the GraphQL API.