GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,645
Composer 4,233
Erlang 31
GitHub Actions 20
Go 1,992
Maven 5,179
npm 3,709
NuGet 661
pip 3,346
Pub 11
RubyGems 884
Rust 846
Swift 36

Unreviewed advisories

All unreviewed 234,890

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

308 advisories

Filter by severity

Sort by

Least recently updated

IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 is vulnerable to an... High Unreviewed

CVE-2024-39726 was published Nov 15, 2024

Zohocorp ManageEngine SharePoint Manager Plus versions 4503 and prior are vulnerable to... High Unreviewed

CVE-2024-10839 was published Nov 8, 2024

Vulnerability in the Oracle Web Services Manager product of Oracle Fusion Middleware (component:... High Unreviewed

CVE-2023-21862 was published Jan 18, 2023

An External XML Entity (XXE) vulnerability in the provisioning web service of Ivanti EPM before... High Unreviewed

CVE-2024-37397 was published Sep 12, 2024

Loftware Spectrum before 4.6 HF14 allows authenticated XXE attacks. High Unreviewed

CVE-2023-37233 was published Sep 10, 2024

XML External Entity (XXE) vulnerability in Terminalfour 8.0.0001 through 8.3.18 and XML JDBC... High Unreviewed

CVE-2024-22218 was published Aug 15, 2024

XXE in SmartDeviceServer in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to... High Unreviewed

CVE-2024-38653 was published Aug 14, 2024

The "soap_cgi.pyc" API handler allows the XML body of SOAP requests to contain references to... High Unreviewed

CVE-2024-6893 was published Aug 8, 2024

IBM Engineering Requirements Management DOORS Web Access 9.7.2.8 is vulnerable to an XML External... High Unreviewed

CVE-2023-50304 was published Jul 18, 2024

When the Kiuwan Local Analyzer uploads the scan results to the Kiuwan SAST web application ... High Unreviewed

CVE-2023-49110 was published Jun 20, 2024

A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser... High Unreviewed

CVE-2019-1057 was published May 24, 2022

IBM Engineering Requirements Management DOORS Next 7.0.2 and 7.0.3 is vulnerable to an XML... High Unreviewed

CVE-2023-45192 was published Jun 6, 2024

XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could... High Unreviewed

CVE-2024-3486 was published May 15, 2024

LG Simple Editor copyContent XML External Entity Processing Information Disclosure Vulnerability.... High Unreviewed

CVE-2023-40507 was published May 3, 2024

D-Link D-View addDv7Probe XML External Entity Processing Information Disclosure Vulnerability.... High Unreviewed

CVE-2023-44412 was published May 3, 2024

LG Simple Editor saveXmlFile XML External Entity Processing Information Disclosure Vulnerability.... High Unreviewed

CVE-2023-40503 was published May 3, 2024

LG Simple Editor copyContent XML External Entity Processing Information Disclosure Vulnerability.... High Unreviewed

CVE-2023-40506 was published May 3, 2024

The XML document processed in the GMS ECM URL endpoint is vulnerable to XML external entity (XXE)... High Unreviewed

CVE-2024-29010 was published May 1, 2024

IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3... High Unreviewed

CVE-2024-22354 was published Apr 17, 2024

An XML external entity (XXE) vulnerability in PrinterOn version 4.1.4 and lower allows remote... High Unreviewed

CVE-2018-17169 was published May 24, 2022

Proself Enterprise/Standard Edition Ver5.62 and earlier, Proself Gateway Edition Ver1.65 and... High Unreviewed

CVE-2023-45727 was published Oct 18, 2023

An XXE (XML external entity injection) vulnerability exists in the CSEP component of Ivanti... High Unreviewed

CVE-2023-38343 was published Sep 21, 2023

Improper Restriction of XML External Entity Reference vulnerability in MIM Assistant and Client... High Unreviewed

CVE-2023-3892 was published Sep 19, 2023

Certain Lexmark devices (such as CS310) before 2023-08-25 allow XXE attacks, leading to... High Unreviewed

CVE-2023-40239 was published Sep 1, 2023

The Unica application exposes an API which accepts arbitrary XML input. By manipulating the given... High Unreviewed

CVE-2023-37497 was published Aug 4, 2023

Previous 1 2 3 4 5 … 12 13 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

308 advisories