Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,232
Erlang
31
GitHub Actions
20
Go
1,991
Maven
5,000+
npm
3,709
NuGet
661
pip
3,344
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

311 advisories

Loading
mofh Vulnerable to Improper Restriction of XML External Entity Reference Moderate
GHSA-7r9x-qrpr-3cxw was published for mofh (pip) Aug 11, 2022
XML external entity (XXE) processing ('external-parameter-entities' feature was not fully disabled)) Moderate
CVE-2019-10782 was published for com.puppycrawl.tools:checkstyle (Maven) Jan 31, 2020
JLLeitschuh
Improper Restriction of XML External Entity Reference in Apache Olingo Moderate
CVE-2019-17554 was published for org.apache.olingo:odata-client-core (Maven) Feb 4, 2020
Moderate severity vulnerability that affects org.apache.ignite:ignite-core Moderate
CVE-2016-6805 was published for org.apache.ignite:ignite-core (Maven) Oct 16, 2018
Moderate severity vulnerability that affects com.puppycrawl.tools:checkstyle Moderate
CVE-2019-9658 was published for com.puppycrawl.tools:checkstyle (Maven) Mar 14, 2019
Authenticated XML External Entity Processing Moderate
GHSA-8xv9-qcr9-ww9j was published for shopware/core (Composer) Oct 19, 2020
dahua966
XML External Entities Vulnerability in CVRF-CSAF-Converter Moderate
CVE-2022-27193 was published for cvrf2csaf (pip) Mar 16, 2022
A XML Extended entity vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10... Moderate Unreviewed
CVE-2022-0861 was published Mar 24, 2022
When opening a malicious solution file provided by an attacker, the application suffers from an... Moderate Unreviewed
CVE-2022-1018 was published Apr 3, 2022
Improper Restriction of XML External Entity Reference in wutka jox Moderate
CVE-2021-43142 was published for com.wutka:jox (Maven) Apr 1, 2022
A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could... Moderate Unreviewed
CVE-2022-0221 was published Apr 14, 2022
Improper Restriction of XML External Entity Reference in Castor Moderate
CVE-2014-3004 was published for org.codehaus.castor:castor (Maven) May 13, 2022
Improper Restriction of XML External Entity Reference in Elasticsearch Moderate
CVE-2018-17247 was published for org.elasticsearch:elasticsearch (Maven) May 13, 2022
Improper Restriction of XML External Entity Reference in Apache uimaj Moderate
CVE-2017-15691 was published for org.apache.uima:uimafit-core (Maven) May 14, 2022
XML External Entity Reference in RESTEasy Moderate
CVE-2014-7839 was published for org.jboss.resteasy:resteasy-jaxrs (Maven) May 17, 2022
XML External Entity via ".AOP" files used by Moxa MX-AOPC Server 1.5 result in remote file... Moderate Unreviewed
CVE-2017-7457 was published May 17, 2022
XML External Entity (XXE) vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and IBM... Moderate Unreviewed
CVE-2015-0194 was published May 17, 2022
IBM Tivoli Endpoint Manager is vulnerable to a XML External Entity Injection (XXE) attack when... Moderate Unreviewed
CVE-2017-1219 was published May 17, 2022
VMware vSphere Client 5.5 before U3e and 6.0 before U2a allows remote vCenter Server and ESXi... Moderate Unreviewed
CVE-2016-7458 was published May 17, 2022
An Improper XML Parser Configuration issue was discovered in Schneider Electric Wonderware... Moderate Unreviewed
CVE-2017-7907 was published May 17, 2022
XML External Entity Reference in Eclipse Lyo Moderate
CVE-2021-41042 was published for org.eclipse.lyo:lyo-parent (Maven) Jul 8, 2022
An XML External Entity vulnerability in Cisco WebEx Meetings Server could allow an authenticated,... Moderate Unreviewed
CVE-2017-3811 was published May 17, 2022
IBM Cognos Business Intelligence 10.1 and 10.2 is vulnerable to a denial of service, caused by an... Moderate Unreviewed
CVE-2016-0254 was published May 17, 2022
An XML External Entity Injection vulnerability in Juniper Networks Junos Space versions prior to... Moderate Unreviewed
CVE-2017-2308 was published May 17, 2022
XXE vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Replication Manager... Moderate Unreviewed
CVE-2017-9295 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database