Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,062 advisories

Loading
Safe Software FME Server v2022.0.1.1 and below was discovered to contain a XML External Entity ... Moderate Unreviewed
CVE-2022-38342 was published Sep 14, 2022
A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter... High Unreviewed
CVE-2022-29801 was published May 21, 2022
In JetBrains IntelliJ IDEA before 2022.3 an XXE attack leading to SSRF via requests to custom... Moderate Unreviewed
CVE-2022-46827 was published Dec 8, 2022
XML External Entity Reference in Jenkins Recipe Plugin High
CVE-2022-34793 was published for org.jenkins-ci.plugins:recipe (Maven) Jul 1, 2022
NotMyFault
Jenkins Plot Plugin XML External Entity Reference vulnerability High
CVE-2022-46682 was published for org.jenkins-ci.plugins:plot (Maven) Dec 12, 2022
Out-of-Band XML External Entity (OOB-XXE) vulnerability in Zoho ManageEngine Analytics Plus... High Unreviewed
CVE-2020-21641 was published Aug 16, 2022
IBM Sterling B2B Integrator Standard Edition 5.2.0 snf 6.0.0.0 is vulnerable to an XML External... High Unreviewed
CVE-2019-4043 was published May 13, 2022
XXE vulnerability in Jenkins Valgrind Plugin High
CVE-2020-2245 was published for org.jenkins-ci.plugins:valgrind (Maven) May 24, 2022
NotMyFault
XXE vulnerability in Jenkins Klocwork Analysis Plugin High
CVE-2020-2247 was published for org.jenkins-ci.plugins:klocwork (Maven) May 24, 2022
NotMyFault
An XML external entity (XXE) vulnerability iin Zoho ManageEngine Desktop Central before the 07... High Unreviewed
CVE-2020-8540 was published May 24, 2022
Improper Restriction of XML External Entity Reference in MPXJ Critical
CVE-2020-25020 was published for net.sf.mpxj:mpxj (Maven) May 7, 2021
An XML External Entity (XEE) vulnerability allows server-side request forgery (SSRF) and... Critical Unreviewed
CVE-2022-3980 was published Nov 16, 2022
The ifmap service that comes bundled with Contrail has an XML External Entity (XXE) vulnerability... Moderate Unreviewed
CVE-2017-10617 was published May 13, 2022
Rockwell Automation Logix Designer Studio 5000 Versions 32.00, 32.01, and 32.02 vulnerable to an... Moderate Unreviewed
CVE-2020-12025 was published May 24, 2022
The Management Console in certain WSO2 products allows XXE attacks during EventReceiver updates.... Moderate Unreviewed
CVE-2020-24591 was published May 24, 2022
An issue was discovered in Gradle Enterprise 2018.5 - 2020.2.4. There is XXE with resultant SSRF... Moderate Unreviewed
CVE-2020-15772 was published May 24, 2022
Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by an... High Unreviewed
CVE-2022-42341 was published Oct 15, 2022
Improper Restriction of XML External Entity Reference in subsystem forIntel(R) Quartus(R) Prime... High Unreviewed
CVE-2020-24454 was published May 24, 2022
A CWE-611 Improper Restriction of XML External Entity Reference vulnerability exists in... High Unreviewed
CVE-2020-7572 was published May 24, 2022
In Zimbra Collaboration Suite Network Edition versions < 9.0.0 P10 and 8.8.15 P17, there exists... Moderate Unreviewed
CVE-2020-35123 was published May 24, 2022
IBM Security Verify Privilege Manager 10.8 is vulnerable to an XML External Entity Injection (XXE... Moderate Unreviewed
CVE-2020-4606 was published May 24, 2022
Due to improper restrictions on XML entities multiple vulnerabilities exist in the command line... Moderate Unreviewed
CVE-2022-37911 was published Dec 12, 2022
Sonatype Nexus Repository Manager 3.x before 3.29.0 allows a user with admin privileges to... Moderate Unreviewed
CVE-2020-29436 was published May 24, 2022
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity... High Unreviewed
CVE-2020-4949 was published May 24, 2022
A vulnerability has been identified in JT2Go (All Versions < V13.1.0), Teamcenter Visualization ... Moderate Unreviewed
CVE-2020-26981 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database