Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,318
Erlang
31
GitHub Actions
21
Go
2,074
Maven
5,000+
npm
3,746
NuGet
674
pip
3,434
Pub
12
RubyGems
892
Rust
880
Swift
37
Unreviewed advisories
All unreviewed
5,000+

470 advisories

Loading
IntelliJ IDEA XML parser was found vulnerable to XML External Entity attack, an attacker can... High Unreviewed
CVE-2017-8316 was published May 14, 2022
Aruba Airwave all versions up to, but not including, 8.2.3.1 is vulnerable to an XML external... High Unreviewed
CVE-2016-8526 was published May 14, 2022
XML external entity (XXE) vulnerability in the XACML flow feature in WSO2 Identity Server 5.1.0... High Unreviewed
CVE-2016-4312 was published May 14, 2022
XML external entity (XXE) vulnerability in java/org/jasig/cas/util/SamlUtils.java in Jasig CAS... High Unreviewed
CVE-2014-2296 was published May 14, 2022
WeChat Pay Java SDK allows XXE High
CVE-2018-13439 was published for com.github.wxpay:wxpay-sdk (Maven) May 14, 2022
LoboEvolution version < 9b75694cedfa4825d4a2330abf2719d470c654cd contains a XML External Entity ... High Unreviewed
CVE-2018-1000540 was published May 14, 2022
ventrian News-Articles version NewsArticles.00.09.11 contains a XML External Entity (XXE)... High Unreviewed
CVE-2018-1000515 was published May 14, 2022
Umlet version < 14.3 contains a XML External Entity (XXE) vulnerability in File parsing that can... High Unreviewed
CVE-2018-1000548 was published May 14, 2022
netbeans-mmd-plugin version <= 1.4.3 contains a XML External Entity (XXE) vulnerability in MMD... High Unreviewed
CVE-2018-1000542 was published May 14, 2022
Triplea version <= 1.9.0.0.10291 contains a XML External Entity (XXE) vulnerability in Importing... High Unreviewed
CVE-2018-1000546 was published May 14, 2022
IBM Rhapsody DM 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to a XML External Entity... High Unreviewed
CVE-2018-1456 was published May 14, 2022
RSA Authentication Manager Security Console, version 8.3 and earlier, contains a XML External... High Unreviewed
CVE-2018-1247 was published May 14, 2022
Multiple XML external entity (XXE) vulnerabilities in (1) CQWeb / CM Server, (2) ClearQuest... High Unreviewed
CVE-2014-0950 was published May 14, 2022
The Symantec Management Console prior to ITMS 8.1 RU1, ITMS 8.0_POST_HF6, and ITMS 7.6_POST_HF7... High Unreviewed
CVE-2017-6323 was published May 14, 2022
Eclipse XML parser for the Eclipse IDE versions 2017.2.5 and earlier was found vulnerable to an... High Unreviewed
CVE-2017-8315 was published May 14, 2022
textpattern version version 4.6.2 contains a XML Injection vulnerability in Import XML feature... High Unreviewed
CVE-2018-1000090 was published May 14, 2022
Jenkins CCM Plugin vulnerable to Improper Restriction of XML External Entity Reference High
CVE-2018-1000054 was published for org.jvnet.hudson.plugins:ccm (Maven) May 14, 2022
IBM Financial Transaction Manager for ACH Services for Multi-Platform (IBM Control Center 6.0 and... High Unreviewed
CVE-2017-1758 was published May 14, 2022
Improper Restriction of XML External Entity Reference in Jenkins JUnit Plugin High
CVE-2018-1000056 was published for org.jenkins-ci.plugins:junit (Maven) May 14, 2022
XXE vulnerability in Jenkins Android Lint Plugin High
CVE-2018-1000055 was published for org.jvnet.hudson.plugins:android-lint (Maven) May 14, 2022
Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49, 7.53,... High Unreviewed
CVE-2018-2392 was published May 14, 2022
Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49, 7.53,... High Unreviewed
CVE-2018-2393 was published May 14, 2022
An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x... High Unreviewed
CVE-2018-5789 was published May 14, 2022
IBM Content Navigator 2.0 and 3.0 is vulnerable to a XML External Entity Injection (XXE) attack... High Unreviewed
CVE-2018-1364 was published May 14, 2022
XXE vulnerability Jenkins Warnings Plugin High
CVE-2018-1000012 was published for org.jvnet.hudson.plugins:warnings (Maven) May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database