GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,143
Composer 4,333
Erlang 31
GitHub Actions 22
Go 2,095
Maven 5,265
npm 3,759
NuGet 678
pip 3,446
Pub 12
RubyGems 892
Rust 882
Swift 37

Unreviewed advisories

All unreviewed 242,482

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

730 advisories

Filter by severity

Sort by

Least recently updated

BigFix Patch Download Plug-ins are affected by an insecure package which is susceptible to XML... Low Unreviewed

CVE-2024-42185 was published Jan 23, 2025

An XML External Entity (XXE) vulnerability exists in the Ambari/Oozie project, allowing an... High Unreviewed

CVE-2025-23195 was published Jan 22, 2025

In multiple functions of UserDictionaryProvider.java, there is a possible way to add and delete... High Unreviewed

CVE-2018-9375 was published Jan 18, 2025

In multiple functions of MiniThumbFile.java, there is a possible way to view the thumbnails of... Moderate Unreviewed

CVE-2018-9379 was published Jan 18, 2025

CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could... High Unreviewed

CVE-2024-12476 was published Jan 17, 2025

We found a vulnerability Improper Restriction of XML External Entity Reference (CWE-611) in NB... Moderate Unreviewed

CVE-2024-12298 was published Jan 14, 2025

An XML External Entity (XXE) vulnerability in Elspec Engineering G5 Digital Fault Recorder... High Unreviewed

CVE-2024-46603 was published Jan 7, 2025

An issue was discovered in Elspec G5 digital fault recorder version 1.2.1.12 and earlier. An XML... High Unreviewed

CVE-2024-46602 was published Jan 7, 2025

In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can... Critical Unreviewed

CVE-2024-40896 was published Dec 23, 2024

In JetBrains TeamCity before 2024.12 insecure XMLParser configuration could lead to potential XXE... Moderate Unreviewed

CVE-2024-56356 was published Dec 20, 2024

Improper Restriction of XML External Entity Reference vulnerability in OpenText™ Operations... Moderate Unreviewed

CVE-2021-22501 was published Dec 19, 2024

An XML External Entity (XXE) injection vulnerability in the component /datagrip/upload of Chat2DB... Critical Unreviewed

CVE-2024-55081 was published Dec 19, 2024

Microsoft SharePoint Information Disclosure Vulnerability Moderate Unreviewed

CVE-2024-49064 was published Dec 12, 2024

Acrobat Reader versions 24.005.20307, 24.001.30213, 24.001.30193, 20.005.30730, 20.005.30710 and... Moderate Unreviewed

CVE-2024-49535 was published Dec 10, 2024

A vulnerability has been identified in COMOS V10.3 (All versions < V10.3.3.5.8), COMOS V10.4.0 ... Moderate Unreviewed

CVE-2024-49704 was published Dec 10, 2024

A vulnerability has been identified in COMOS V10.3 (All versions < V10.3.3.5.8), COMOS V10.4.0 ... Moderate Unreviewed

CVE-2024-54005 was published Dec 10, 2024

Due to missing validation of XML input, an unauthenticated attacker could send malicious input to... Moderate Unreviewed

CVE-2024-47582 was published Dec 10, 2024

A XML External Entity (XXE) vulnerability has been identified in Easy Tax Client Software 2023 1... Moderate Unreviewed

CVE-2024-9044 was published Nov 29, 2024

An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow... High Unreviewed

CVE-2024-53675 was published Nov 27, 2024

An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow... High Unreviewed

CVE-2024-53674 was published Nov 27, 2024

An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow... High Unreviewed

CVE-2024-11622 was published Nov 27, 2024

Possible XML External Entity Injection in iManager GET parameter has been discovered in... High Unreviewed

CVE-2023-24466 was published Nov 22, 2024

An XML External Entity (XXE) vulnerability in the Import object and Translation Memory import... Moderate Unreviewed

CVE-2024-50848 was published Nov 18, 2024

A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated,... Moderate Unreviewed

CVE-2020-26066 was published Nov 18, 2024

A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated,... Moderate Unreviewed

CVE-2021-1483 was published Nov 15, 2024

Previous 1 2 3 4 5 … 29 30 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

730 advisories