GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,034 advisories
Improper Restriction of XML External Entity Reference in Apache Batik
High | CVE-2017-5662 was published for org.apache.xmlgraphics:batik (Maven) May 13, 2022

IBM Security Access Manager Appliance 9.0.3 is vulnerable to a XML External Entity Injection (XXE...
High | Unreviewed | CVE-2017-1477 was published May 13, 2022

IBM Security Access Manager for Web is vulnerable to a denial of service, caused by an XML...
Moderate | Unreviewed | CVE-2016-3027 was published May 13, 2022

IBM Single Sign On for Bluemix could allow a remote attacker to obtain sensitive information,...
Critical | Unreviewed | CVE-2016-2908 was published May 13, 2022

Moodle Arbitrary File Read via XML External Entity vulnerability
Moderate | CVE-2014-3543 was published for moodle/moodle (Composer) May 13, 2022

Dell EMC Data Protection Advisor, versions 6.2, 6,3, 6.4, 6.5 and Dell EMC Integrated Data...
High | Unreviewed | CVE-2018-11048 was published May 13, 2022

SolarWinds SFTP/SCP server through 2018-09-10 is vulnerable to XXE via a world readable and...
Critical | Unreviewed | CVE-2018-16792 was published May 13, 2022

ModSecurity before 2.7.3 allows remote attackers to read arbitrary files, send HTTP requests to...
High | Unreviewed | CVE-2013-1915 was published May 13, 2022

XML external entity (XXE) vulnerability in Geist WatchDog Console 3.2.2 allows remote...
Moderate | Unreviewed | CVE-2018-10077 was published May 13, 2022

An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15...
Critical | Unreviewed | CVE-2018-13826 was published May 13, 2022

An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15...
High | Unreviewed | CVE-2018-13823 was published May 13, 2022

SAML 2.0 functionality in SAP NetWeaver AS Java, does not sufficiently validate XML documents...
High | Unreviewed | CVE-2018-2492 was published May 13, 2022

XML external entity (XXE) vulnerability in the Configuration Wizard in SAP NetWeaver Java AS 7.1...
Critical | Unreviewed | CVE-2016-3974 was published May 13, 2022

XML external entity (XXE) vulnerability in com.sap.km.cm.ice in SAP NetWeaver AS JAVA 7.5 allows...
Moderate | Unreviewed | CVE-2017-11457 was published May 13, 2022

The Visual Composer VC70RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote...
High | Unreviewed | CVE-2017-8913 was published May 13, 2022

xmlsec 1.2.23 and before is vulnerable to XML External Entity Expansion when parsing crafted...
High | Unreviewed | CVE-2017-1000061 was published May 13, 2022

Improper Restriction of XML External Entity Reference in Apache CXF JAX-RS
High | CVE-2016-8739 was published for org.apache.cxf:cxf-core (Maven) May 13, 2022

XML External Entity vulnerability in libexpat 2.2.0 and earlier (Expat XML Parser Library) allows...
High | Unreviewed | CVE-2017-9233 was published May 13, 2022

Improper Restriction of XML External Entity Reference in Apache FOP
High | CVE-2017-5661 was published for org.apache.xmlgraphics:fop (Maven) May 13, 2022

An XXE issue was discovered in Automated Logic Corporation (ALC) Liebert SiteScan Web Version 6.5...
High | Unreviewed | CVE-2016-5795 was published May 13, 2022

An XXE issue was discovered in Automated Logic Corporation (ALC) WebCTRL Versions 6.0, 6.1 and 6...
High | Unreviewed | CVE-2018-8819 was published May 13, 2022

In Single Sign-On for Pivotal Cloud Foundry (PCF) 1.3.x versions prior to 1.3.4 and 1.4.x...
Moderate | Unreviewed | CVE-2017-8040 was published May 13, 2022

Improper Restriction of XML External Entity Reference in python-docx
High | CVE-2016-5851 was published for python-docx (pip) May 13, 2022

Improper Restriction of XML External Entity Reference in Castor
Moderate | CVE-2014-3004 was published for org.codehaus.castor:castor (Maven) May 13, 2022

Schneider Electric SoMachine Basic prior to v1.6 SP1 suffers from an XML External Entity (XXE)...
High | Unreviewed | CVE-2018-7783 was published May 13, 2022