GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,972
Composer 4,285
Erlang 31
GitHub Actions 21
Go 2,056
Maven 5,238
npm 3,741
NuGet 668
pip 3,422
Pub 12
RubyGems 892
Rust 875
Swift 36

Unreviewed advisories

All unreviewed 239,198

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

240 advisories

Filter by severity

Sort by

Least recently updated

In JetBrains TeamCity before 2024.12 insecure XMLParser configuration could lead to potential XXE... Moderate Unreviewed

CVE-2024-56356 was published Dec 20, 2024

Improper Restriction of XML External Entity Reference vulnerability in OpenText™ Operations... Moderate Unreviewed

CVE-2021-22501 was published Dec 19, 2024

Microsoft SharePoint Information Disclosure Vulnerability Moderate Unreviewed

CVE-2024-49064 was published Dec 12, 2024

When the XML is read from the codes in the PDF and parsed using a DocumentBuilder, the default... Moderate Unreviewed

CVE-2024-8602 was published Oct 14, 2024

Acrobat Reader versions 24.005.20307, 24.001.30213, 24.001.30193, 20.005.30730, 20.005.30710 and... Moderate Unreviewed

CVE-2024-49535 was published Dec 10, 2024

A vulnerability has been identified in COMOS V10.3 (All versions < V10.3.3.5.8), COMOS V10.4.0 ... Moderate Unreviewed

CVE-2024-49704 was published Dec 10, 2024

A vulnerability has been identified in COMOS V10.3 (All versions < V10.3.3.5.8), COMOS V10.4.0 ... Moderate Unreviewed

CVE-2024-54005 was published Dec 10, 2024

Due to missing validation of XML input, an unauthenticated attacker could send malicious input to... Moderate Unreviewed

CVE-2024-47582 was published Dec 10, 2024

Laravel v11.x was discovered to contain an XML External Entity (XXE) vulnerability. Moderate Unreviewed

CVE-2024-40075 was published Jul 22, 2024

A XML External Entity (XXE) vulnerability has been identified in Easy Tax Client Software 2023 1... Moderate Unreviewed

CVE-2024-9044 was published Nov 29, 2024

An XML External Entity (XXE) vulnerability in the Import object and Translation Memory import... Moderate Unreviewed

CVE-2024-50848 was published Nov 18, 2024

A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated,... Moderate Unreviewed

CVE-2020-26066 was published Nov 18, 2024

A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated,... Moderate Unreviewed

CVE-2021-1483 was published Nov 15, 2024

A blind XML External Entities (XXE) injection vulnerability in the Palo Alto Networks PAN-OS... Moderate Unreviewed

CVE-2024-5919 was published Nov 14, 2024

A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read... Moderate Unreviewed

CVE-2024-20531 was published Nov 6, 2024

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML external entity injection ... Moderate Unreviewed

CVE-2024-45086 was published Nov 4, 2024

e-Tax software Version3.0.10 and earlier improperly restricts XML external entity references (XXE... Moderate Unreviewed

CVE-2023-46802 was published Nov 6, 2023

Improper Restriction of XML External Entity Reference vulnerability in WP Royal Royal Elementor... Moderate Unreviewed

CVE-2024-50442 was published Oct 28, 2024

Improper Restriction of XML External Entity Reference vulnerability in OpenText Application... Moderate Unreviewed

CVE-2024-4690 was published Oct 16, 2024

Improper Restriction of XML External Entity Reference vulnerability in OpenText Application... Moderate Unreviewed

CVE-2024-4184 was published Oct 16, 2024

Improper Restriction of XML External Entity Reference vulnerability in OpenText Application... Moderate Unreviewed

CVE-2024-4189 was published Oct 16, 2024

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External Entity Injection ... Moderate Unreviewed

CVE-2024-45072 was published Oct 16, 2024

An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in... Moderate Unreviewed

CVE-2023-5136 was published Nov 8, 2023

TopQuadrant TopBraid EDG before version 8.0.1 allows an authenticated attacker to upload an XML... Moderate Unreviewed

CVE-2024-45745 was published Sep 27, 2024

SAP Business One (B1i) - version 10.0, allows an authorized attacker to retrieve the details... Moderate Unreviewed

CVE-2023-41365 was published Oct 10, 2023

Previous 1 2 3 4 5 … 9 10 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

240 advisories