Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,340
Erlang
31
GitHub Actions
22
Go
2,101
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
885
Swift
37
Unreviewed advisories
All unreviewed
5,000+

474 advisories

Loading
XML external entity (XXE) vulnerability in Episerver 7 patch 4 and earlier allows remote... High Unreviewed
CVE-2017-17762 was published May 24, 2022
Jenkins 360 FireLine Plugin vulnerable to XML External Entity Reference High
CVE-2019-10466 was published for org.jenkins-ci.plugins.plugin:fireline (Maven) May 24, 2022
XML Language Server (aka lsp4xml) before 0.9.1, as used in Red Hat XML Language Support (aka... High Unreviewed
CVE-2019-18213 was published May 24, 2022
Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a xml external entity injection... High Unreviewed
CVE-2019-8087 was published May 24, 2022
Adobe Experience Manager versions 6.4, 6.3 and 6.2 have a xml external entity injection... High Unreviewed
CVE-2019-8082 was published May 24, 2022
Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a xml external entity injection... High Unreviewed
CVE-2019-8086 was published May 24, 2022
An XML External Entity Injection vulnerability exists in Dzone AnswerHub. High Unreviewed
CVE-2017-15725 was published May 24, 2022
An issue was discovered in LabKey Server 19.1.0. Sending an SVG containing an XXE payload to the... High Unreviewed
CVE-2019-9757 was published May 24, 2022
Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. XXE vulnerabilities exist that may allow... High Unreviewed
CVE-2019-18227 was published May 24, 2022
Jenkins Maven Release Plug-in Plugin XXE vulnerability High
CVE-2019-16549 was published for org.jenkins-ci.plugins.m2release:m2release (Maven) May 24, 2022
Xiuno BBS 4.0 allows XXE via plugin/xn_wechat_public/route/token.php. High Unreviewed
CVE-2019-19998 was published May 24, 2022
Easy XML Editor through v1.7.8 is affected by: XML External Entity Injection. The impact is:... High Unreviewed
CVE-2019-19031 was published May 24, 2022
XMLBlueprint through 16.191112 is affected by XML External Entity Injection. The impact is:... High Unreviewed
CVE-2019-19032 was published May 24, 2022
XML external entity (XXE) vulnerability in Jenkins High
CVE-2015-1809 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
PyAMF vulnerable to XML external entity (XXE) High
CVE-2015-8549 was published for pyamf (pip) May 24, 2022
XXE vulnerability in Jenkins Robot Framework Plugin High
CVE-2020-2092 was published for org.jenkins-ci.plugins:robot (Maven) May 24, 2022
NotMyFault
XXE vulnerability in Jenkins WebSphere Deployer Plugin High
CVE-2020-2108 was published for org.jenkins-ci.plugins:websphere-deployer (Maven) May 24, 2022
NotMyFault
XXE vulnerability in NUnit Plugin High
CVE-2020-2115 was published for org.jenkins-ci.plugins:nunit (Maven) May 24, 2022
NotMyFault
XXE vulnerability in FitNesse Plugin High
CVE-2020-2120 was published for org.jenkins-ci.plugins:fitnesse (Maven) May 24, 2022
NotMyFault
An issue was discovered in SmartClient 12.0. Unauthenticated exploitation of blind XXE can occur... High Unreviewed
CVE-2020-9352 was published May 24, 2022
XXE vulnerability in Jenkins Cobertura Plugin High
CVE-2020-2138 was published for org.jenkins-ci.plugins:cobertura (Maven) May 24, 2022
NotMyFault
XXE vulnerability in Rundeck Plugin High
CVE-2020-2144 was published for org.jenkins-ci.plugins:rundeck (Maven) May 24, 2022
NotMyFault
SAP NetWeaver Application Server Java (User Management Engine), versions- 7.10, 7.11, 7.20, 7.30,... High Unreviewed
CVE-2020-6202 was published May 24, 2022
An XML external entity (XXE) vulnerability iin Zoho ManageEngine Desktop Central before the 07... High Unreviewed
CVE-2020-8540 was published May 24, 2022
Oxygen XML Editor 21.1.1 allows XXE to read any file. High Unreviewed
CVE-2019-20191 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database