GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,029 advisories
Filter by severity
Improper restriction of XML external entity reference in DSP Builder Pro for Intel(R) Quartus(R)...
High
Unreviewed
CVE-2022-21205
was published
Feb 11, 2022
Improper restriction of XML external entity for Intel(R) Quartus(R) Prime Pro Edition before...
High
Unreviewed
CVE-2022-21220
was published
Feb 11, 2022
Improper Restriction of XML External Entity Reference
High
CVE-2020-13692
was published
for
org.postgresql:postgresql
(Maven)
Feb 10, 2022
Signiant Manager+Agents before 15.1 allows XML External Entity (XXE) attacks.
Critical
Unreviewed
CVE-2021-46660
was published
Jan 31, 2022
On BIG-IP FPS, ASM, and Advanced WAF versions 16.1.x before 16.1.1, 15.1.x before 15.1.4, and 14...
Moderate
Unreviewed
CVE-2022-23031
was published
Jan 26, 2022
IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 is vulnerable to an XML External Entity...
High
Unreviewed
CVE-2020-4876
was published
Jan 22, 2022
IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 is vulnerable to an XML External Entity...
High
Unreviewed
CVE-2020-4875
was published
Jan 22, 2022
corenlp is vulnerable to Improper Restriction of XML External Entity Reference
Critical
CVE-2022-0239
was published
for
edu.stanford.nlp:stanford-corenlp
(Maven)
Jan 21, 2022
Improper Restriction of XML External Entity Reference in skylot/jadx
Moderate
CVE-2022-0219
was published
for
io.github.skylot:jadx-core
(Maven)
Jan 21, 2022
XML External Entity Reference in edu.stanford.nlp:stanford-corenlp
Moderate
CVE-2022-0198
was published
for
edu.stanford.nlp:stanford-corenlp
(Maven)
Jan 14, 2022
AEM Forms Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by an XML...
Critical
Unreviewed
CVE-2021-40722
was published
Jan 14, 2022
An issue was discovered in CALDERA 2.9.0. The Debrief plugin receives base64 encoded "SVG"...
High
Unreviewed
CVE-2021-42560
was published
Jan 13, 2022
Improper Restriction of XML External Entity Reference in Apache NiFi
Moderate
CVE-2020-13940
was published
for
org.apache.nifi:nifi
(Maven)
Jan 6, 2022
XXE can occur in Quest KACE Desktop Authority before 11.2 because the log4net configuration file...
Moderate
Unreviewed
CVE-2021-44028
was published
Dec 23, 2021
KNIME Analytics Platform before 4.5.0 is vulnerable to XXE (external XML entity injection) via a...
Moderate
Unreviewed
CVE-2021-45096
was published
Dec 17, 2021
Improper Restriction of XML External Entity Reference in com.h2database:h2.
High
CVE-2021-23463
was published
for
com.h2database:h2
(Maven)
Dec 16, 2021
dbeaver is vulnerable to Improper Restriction of XML External Entity Reference
Moderate
Unreviewed
CVE-2021-3836
was published
Dec 15, 2021
National Library of the Netherlands multiNER <= c0440948057afc6e3d6b4903a7c05e666b94a3bc is...
Critical
Unreviewed
CVE-2021-44557
was published
Dec 9, 2021
National Library of the Netherlands digger < 6697d1269d981e35e11f240725b16401b5ce3db5 is affected...
Critical
Unreviewed
CVE-2021-44556
was published
Dec 9, 2021
CloverDX Server before 5.11.2 and and 5.12.x before 5.12.1 allows XXE during configuration import.
High
Unreviewed
CVE-2021-42776
was published
Dec 2, 2021
An XML External Entity issue in Claris FileMaker Pro and Server (including WebDirect) before 19.4...
Moderate
Unreviewed
CVE-2021-44147
was published
Nov 23, 2021
XML External Entity vulnerability in Easy-XML
High
CVE-2020-26705
was published
for
easy-xml
(pip)
Nov 1, 2021
XML External Entity vulnerability in MODX CMS
Critical
CVE-2020-25911
was published
for
modx/revolution
(Composer)
Nov 1, 2021
XML External Entity Reference in org.opencms:opencms-core
Moderate
CVE-2021-3312
was published
for
org.opencms:opencms-core
(Maven)
Oct 12, 2021
Improper Restriction of XML External Entity Reference (XXE) in Nokogiri on JRuby
High
CVE-2021-41098
was published
for
nokogiri
(RubyGems)
Sep 27, 2021
ProTip!
Advisories are also available from the
GraphQL API