GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
317 advisories
Multiple XML external entity (XXE) vulnerabilities in the OpenText Documentum Webtop 6.8.0160...
High | Unreviewed | CVE-2017-14527 was published May 17, 2022

IBM SDK, Java Technology Edition is vulnerable XML External Entity Injection (XXE) error when...
High | Unreviewed | CVE-2017-1289 was published May 14, 2022

Commsy version 9.0.0 is vulnerable to XXE attacks in the configuration import functionality...
High | Unreviewed | CVE-2017-1000496 was published May 14, 2022

IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 is vulnerable to a XML External Entity...
High | Unreviewed | CVE-2017-1666 was published May 14, 2022

IBM Sterling B2B Integrator 5.2 is vulnerable to an XML External Entity Injection (XXE) attack...
High | Unreviewed | CVE-2017-1192 was published May 14, 2022

IBM Content Navigator 2.0 and 3.0 is vulnerable to a XML External Entity Injection (XXE) attack...
High | Unreviewed | CVE-2018-1364 was published May 14, 2022

An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x...
High | Unreviewed | CVE-2018-5789 was published May 14, 2022

Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49, 7.53,...
High | Unreviewed | CVE-2018-2393 was published May 14, 2022

Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49, 7.53,...
High | Unreviewed | CVE-2018-2392 was published May 14, 2022

IBM Financial Transaction Manager for ACH Services for Multi-Platform (IBM Control Center 6.0 and...
High | Unreviewed | CVE-2017-1758 was published May 14, 2022

textpattern version version 4.6.2 contains a XML Injection vulnerability in Import XML feature...
High | Unreviewed | CVE-2018-1000090 was published May 14, 2022

Eclipse XML parser for the Eclipse IDE versions 2017.2.5 and earlier was found vulnerable to an...
High | Unreviewed | CVE-2017-8315 was published May 14, 2022

The Symantec Management Console prior to ITMS 8.1 RU1, ITMS 8.0_POST_HF6, and ITMS 7.6_POST_HF7...
High | Unreviewed | CVE-2017-6323 was published May 14, 2022

Multiple XML external entity (XXE) vulnerabilities in (1) CQWeb / CM Server, (2) ClearQuest...
High | Unreviewed | CVE-2014-0950 was published May 14, 2022

RSA Authentication Manager Security Console, version 8.3 and earlier, contains a XML External...
High | Unreviewed | CVE-2018-1247 was published May 14, 2022

IBM Rhapsody DM 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to a XML External Entity...
High | Unreviewed | CVE-2018-1456 was published May 14, 2022

Triplea version <= 1.9.0.0.10291 contains a XML External Entity (XXE) vulnerability in Importing...
High | Unreviewed | CVE-2018-1000546 was published May 14, 2022

netbeans-mmd-plugin version <= 1.4.3 contains a XML External Entity (XXE) vulnerability in MMD...
High | Unreviewed | CVE-2018-1000542 was published May 14, 2022

Umlet version < 14.3 contains a XML External Entity (XXE) vulnerability in File parsing that can...
High | Unreviewed | CVE-2018-1000548 was published May 14, 2022

ventrian News-Articles version NewsArticles.00.09.11 contains a XML External Entity (XXE)...
High | Unreviewed | CVE-2018-1000515 was published May 14, 2022

LoboEvolution version < 9b75694cedfa4825d4a2330abf2719d470c654cd contains a XML External Entity ...
High | Unreviewed | CVE-2018-1000540 was published May 14, 2022

XML external entity (XXE) vulnerability in java/org/jasig/cas/util/SamlUtils.java in Jasig CAS...
High | Unreviewed | CVE-2014-2296 was published May 14, 2022

XML external entity (XXE) vulnerability in the XACML flow feature in WSO2 Identity Server 5.1.0...
High | Unreviewed | CVE-2016-4312 was published May 14, 2022

Aruba Airwave all versions up to, but not including, 8.2.3.1 is vulnerable to an XML external...
High | Unreviewed | CVE-2016-8526 was published May 14, 2022

IntelliJ IDEA XML parser was found vulnerable to XML External Entity attack, an attacker can...
High | Unreviewed | CVE-2017-8316 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API.