GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,216
Composer 4,344
Erlang 31
GitHub Actions 22
Go 2,112
Maven 5,288
npm 3,767
NuGet 680
pip 3,453
Pub 12
RubyGems 892
Rust 888
Swift 38

Unreviewed advisories

All unreviewed 243,581

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

78 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability classified as problematic has been found in Netentsec NS-ASG Application Security... Moderate Unreviewed

CVE-2024-2645 was published Mar 20, 2024

A vulnerability, which was classified as problematic, was found in Netentsec NS-ASG Application... Moderate Unreviewed

CVE-2024-2648 was published Mar 20, 2024

IBM ICP - Voice Gateway 1.0.2, 1.0.2.4, 1.0.3, 1.0.4, 1.0.5, 1.0.6. 1.0.7, 1.0.7.1, and 1.0.8... High Unreviewed

CVE-2024-47113 was published Jan 18, 2025

A XSLT Server Side injection vulnerability in the Import Jobs function of FireBear Improved... Critical Unreviewed

CVE-2024-25413 was published Feb 16, 2024

In attributeBytesBase64 and attributeBytesHex of BinaryXmlSerializer.java, there is a possible... High Unreviewed

CVE-2024-34740 was published Aug 16, 2024

An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow... High Unreviewed

CVE-2024-53675 was published Nov 27, 2024

An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow... High Unreviewed

CVE-2024-53674 was published Nov 27, 2024

An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow... High Unreviewed

CVE-2024-11622 was published Nov 27, 2024

An issue was discovered in Logpoint before 7.4.0. A path injection vulnerability is seen while... Moderate Unreviewed

CVE-2024-33858 was published May 7, 2024

An XML External Entity (XXE) vulnerability in Dmoz2CSV in openimaj v1.3.10 allows attackers to... Critical Unreviewed

CVE-2024-51136 was published Nov 4, 2024

An issue was discovered in OverIT Geocall before 8.0. An authenticated user who has the Test... High Unreviewed

CVE-2022-22834 was published Mar 11, 2022

BEx Web Java Runtime Export Web Service does not sufficiently validate an XML document accepted... High Unreviewed

CVE-2024-42374 was published Aug 13, 2024

XPath Injection vulnerabilities in the blog and RSS functions of Modern Campus - Omni CMS 2023.1... Moderate Unreviewed

CVE-2023-35858 was published Jun 13, 2024

Unified Automation UaGateway AddServer XML Injection Denial-of-Service Vulnerability. This... Moderate Unreviewed

CVE-2023-32173 was published May 3, 2024

Parallels Desktop Toolgate XML Injection Local Privilege Escalation Vulnerability. This... High Unreviewed

CVE-2023-27328 was published May 3, 2024

In OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2, the file editor which is accessible... High Unreviewed

CVE-2023-40612 was published Aug 23, 2023

IBM Security Directory Server 6.4.0 is vulnerable to an XML External Entity Injection (XXE)... Critical Unreviewed

CVE-2022-32755 was published Oct 14, 2023

A remote code execution (RCE) vulnerability in the xmlrpc.php endpoint of NodeBB Inc NodeBB forum... Critical Unreviewed

CVE-2023-43187 was published Sep 27, 2023

Adobe Commerce versions 2.4.6-p1 (and earlier), 2.4.5-p3 (and earlier) and 2.4.4-p4 (and earlier)... High Unreviewed

CVE-2023-38207 was published Aug 9, 2023

Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier)... Moderate Unreviewed

CVE-2023-29289 was published Jun 15, 2023

Umbraco CMS 7.12.4 allows Remote Code Execution by authenticated administrators via msxsl:script... High Unreviewed

CVE-2019-25137 was published May 18, 2023

IBM Cognos Analytics 11.0 and 11.1 is vulnerable to a XML External Entity Injection (XXE) attack... High Unreviewed

CVE-2018-1721 was published May 24, 2022

An issue was discovered in ezXML 0.8.3 through 0.8.6. The ezxml_parse_* functions mishandle XML... Moderate Unreviewed

CVE-2019-20201 was published May 24, 2022

XMLBlueprint through 16.191112 is affected by XML External Entity Injection. The impact is:... High Unreviewed

CVE-2019-19032 was published May 24, 2022

Easy XML Editor through v1.7.8 is affected by: XML External Entity Injection. The impact is:... High Unreviewed

CVE-2019-19031 was published May 24, 2022

Previous 1 2 3 4 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

78 advisories