GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,034 advisories
Improper Restriction of XML External Entity Reference in Elasticsearch
Moderate | CVE-2018-17247 was published for org.elasticsearch:elasticsearch (Maven) May 13, 2022

In WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2...
Moderate | Unreviewed | CVE-2018-17889 was published May 13, 2022

An XXE vulnerability exists in CASE Suite Versions 3.10 and prior when processing parameter...
High | Unreviewed | CVE-2018-17912 was published May 13, 2022

Spacewalk 2.6 contains an API which has an XXE flaw allowing for the disclosure of potentially...
High | Unreviewed | CVE-2018-1077 was published May 13, 2022

IBM Marketing Platform 9.1.0, 9.1.2, and 10.1 is vulnerable to a XML External Entity Injection ...
High | Unreviewed | CVE-2018-1424 was published May 13, 2022

IBM WebSphere DataPower Appliances 7.1, 7.2, 7.5, 7.5.1, 7.5.2, and 7.6 is vulnerable to a XML...
High | Unreviewed | CVE-2018-1421 was published May 13, 2022

IBM FileNet Content Manager, IBM Content Foundation, and IBM Case Foundation Administration...
High | Unreviewed | CVE-2018-1542 was published May 13, 2022

IBM Jazz Foundation (IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through...
High | Unreviewed | CVE-2018-1588 was published May 13, 2022

IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6 is vulnerable...
High | Unreviewed | CVE-2018-1607 was published May 13, 2022

IBM DataPower Gateway 7.1.0.0 - 7.1.0.23, 7.2.0.0 - 7.2.0.21, 7.5.0.0 - 7.5.0.16, 7.5.1.0 - 7.5.1...
High | Unreviewed | CVE-2018-1669 was published May 13, 2022

IBM Platform Symphony 7.1 Fix Pack 1 and 7.1.1 and IBM Spectrum Symphony 7.1.2 and 7.2.0.2 are...
High | Unreviewed | CVE-2018-1702 was published May 13, 2022

IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 is vulnerable to a XML External...
Critical | Unreviewed | CVE-2018-1727 was published May 13, 2022

IBM QRadar SIEM 7.2 and 7.3 is vulnerable to a XML External Entity Injection (XXE) attack when...
High | Unreviewed | CVE-2018-1730 was published May 13, 2022

IBM Security Key Lifecycle Manager 2.5, 2.6, 2.7, and 3.0 is vulnerable to a XML External Entity...
High | Unreviewed | CVE-2018-1747 was published May 13, 2022

IBM Operational Decision Management 8.5, 8.6, 8.7, 8.8, and 8.9 is vulnerable to a XML External...
Critical | Unreviewed | CVE-2018-1821 was published May 13, 2022

IBM App Connect V11.0.0.0 through V11.0.0.1, IBM Integration Bus V10.0.0.0 through V10.0.0.13,...
Moderate | Unreviewed | CVE-2018-1801 was published May 13, 2022

IBM Daeja ViewONE Professional, Standard & Virtual 5 is vulnerable to a XML External Entity...
High | Unreviewed | CVE-2018-1835 was published May 13, 2022

IBM Rational Engineering Lifecycle Manager 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable...
High | Unreviewed | CVE-2018-1846 was published May 13, 2022

IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to a XML External Entity Injection (XXE...
High | Unreviewed | CVE-2018-1844 was published May 13, 2022

IBM WebSphere Application Server 9.0.0.0 through 9.0.0.9 is vulnerable to a XML External Entity...
High | Unreviewed | CVE-2018-1905 was published May 13, 2022

IBM Marketing Platform 9.1.0, 9.1.2 and 10.1 is vulnerable to a XML External Entity Injection ...
High | Unreviewed | CVE-2018-1920 was published May 13, 2022

IBM Security Identity Manager 7.0.1 is vulnerable to a XML External Entity Injection (XXE) attack...
High | Unreviewed | CVE-2018-1970 was published May 13, 2022

SAP Business Process Automation (BPA) By Redwood does not sufficiently validate an XML document...
High | Unreviewed | CVE-2018-2401 was published May 13, 2022

IBM Security Identity Manager 6.0.0 Virtual Appliance is vulnerable to a XML External Entity...
High | Unreviewed | CVE-2018-2019 was published May 13, 2022

The TIBCO Administrator server component of TIBCO Software Inc.'s TIBCO Administrator -...
Moderate | Unreviewed | CVE-2018-5433 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API