Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,233
Erlang
31
GitHub Actions
20
Go
1,992
Maven
5,000+
npm
3,709
NuGet
661
pip
3,346
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

311 advisories

Loading
IBM App Connect V11.0.0.0 through V11.0.0.1, IBM Integration Bus V10.0.0.0 through V10.0.0.13,... Moderate Unreviewed
CVE-2018-1801 was published May 13, 2022
An External XML entity (XXE) vulnerability in ePO prior to 5.10 Update 14 can lead to an... Moderate Unreviewed
CVE-2022-3338 was published Oct 18, 2022
In WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2... Moderate Unreviewed
CVE-2018-17889 was published May 13, 2022
The TIBCO Designer component of TIBCO Software Inc.'s TIBCO Runtime Agent, and TIBCO Runtime... Moderate Unreviewed
CVE-2018-5434 was published May 13, 2022
The TIBCO Administrator server component of TIBCO Software Inc.'s TIBCO Administrator -... Moderate Unreviewed
CVE-2018-5433 was published May 13, 2022
Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by an... Moderate Unreviewed
CVE-2022-38419 was published Oct 15, 2022
A vulnerability in the web-based UI of Cisco Secure Access Control Server could allow an... Moderate Unreviewed
CVE-2018-0414 was published May 13, 2022
A vulnerability in the Profile Editor of the Cisco AnyConnect Secure Mobility Client could allow... Moderate Unreviewed
CVE-2018-0100 was published May 13, 2022
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to... Moderate Unreviewed
CVE-2018-0108 was published May 13, 2022
Unspecified vulnerability in HP WebInspect 7.x through 10.4 before 10.4 update 1 allows remote... Moderate Unreviewed
CVE-2015-2125 was published May 13, 2022
XML External Entity Reference in jbpmmigration Moderate
CVE-2017-7545 was published for org.jbpm.jbpm5:jbpmmigration (Maven) May 13, 2022
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products ... Moderate Unreviewed
CVE-2017-3548 was published May 13, 2022
An XML External Entity vulnerability in the web-based user interface of the Cisco Secure Access... Moderate Unreviewed
CVE-2017-3839 was published May 13, 2022
The Microsoft Common Console Document (.msc) in Microsoft Windows 7 SP1, Windows Server 2008 SP2... Moderate Unreviewed
CVE-2017-8710 was published May 13, 2022
An XML external entity (XXE) injection vulnerability in Kwoksys Kwok Information Server before v2... Moderate Unreviewed
CVE-2022-45326 was published Dec 6, 2022
SLD Registration in SAP HANA (fixed in versions 1.0, 2.0) does not sufficiently validate an XML... Moderate Unreviewed
CVE-2019-0284 was published May 14, 2022
The administration backup restore resource in Atlassian Crowd before version 3.0.2 and from... Moderate Unreviewed
CVE-2017-18110 was published May 14, 2022
An XML External Entity Injection (XXE) vulnerability in the Management System (console) of... Moderate Unreviewed
CVE-2019-8997 was published May 14, 2022
SAP HANA extended application services, version 1, advanced does not sufficiently validate an XML... Moderate Unreviewed
CVE-2019-0277 was published May 14, 2022
Windows System Information Console in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows... Moderate Unreviewed
CVE-2017-8557 was published May 14, 2022
FreePlane version 1.5.9 and earlier contains a XML External Entity (XXE) vulnerability in XML... Moderate Unreviewed
CVE-2018-1000069 was published May 14, 2022
SLD Registration of ABAP Platform allows an attacker to prevent legitimate users from accessing a... Moderate Unreviewed
CVE-2019-0265 was published May 14, 2022
HornetQ REST vulnerable to Improper Restriction of XML External Entity Reference Moderate
CVE-2014-3599 was published for org.hornetq.rest:hornetq-rest (Maven) May 24, 2022
S3 Browser before 8.1.5 contains an XML external entity (XXE) vulnerability, allowing remote... Moderate Unreviewed
CVE-2018-20298 was published May 14, 2022
The Upload add-on resource in Atlassian Universal Plugin Manager before version 2.22.14 allows... Moderate Unreviewed
CVE-2018-20233 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database