Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

245 advisories

Loading
Improper Restriction of XML External Entity Reference in soa-model Critical
CVE-2021-43090 was published for com.predic8:soa-model-core (Maven) Mar 26, 2022
XML external entity (XXE) injection in Apache Nutch Critical
CVE-2021-23901 was published for org.apache.nutch:nutch (Maven) Mar 18, 2022
Improper Restriction of XML External Entity Reference in Any23 Critical
CVE-2022-25312 was published for org.apache.any23:apache-any23 (Maven) Mar 6, 2022
Improper Restriction of XML External Entity Reference in Liquibase Critical
CVE-2022-0839 was published for org.liquibase:liquibase-core (Maven) Mar 5, 2022
XML External Entity Reference in Hazelcast Critical
CVE-2022-0265 was published for com.hazelcast:hazelcast (Maven) Mar 4, 2022
aiannucci
Improper Restriction of XML External Entity Reference in com.monitorjbl:xlsx-streamer Critical
CVE-2022-23640 was published for com.monitorjbl:xlsx-streamer (Maven) Mar 2, 2022
pjfanning
Signiant Manager+Agents before 15.1 allows XML External Entity (XXE) attacks. Critical Unreviewed
CVE-2021-46660 was published Jan 31, 2022
corenlp is vulnerable to Improper Restriction of XML External Entity Reference Critical
CVE-2022-0239 was published for edu.stanford.nlp:stanford-corenlp (Maven) Jan 21, 2022
XML External Entity vulnerability in Easy-XML Critical
CVE-2020-26705 was published for easy-xml (pip) Nov 1, 2021
XML External Entity vulnerability in MODX CMS Critical
CVE-2020-25911 was published for modx/revolution (Composer) Nov 1, 2021
XML Injection in Any23 Critical
CVE-2021-38555 was published for org.apache.any23:apache-any23 (Maven) Sep 13, 2021
Improper Restriction of XML External Entity Reference in Quokka Critical
CVE-2020-18705 was published for quokka (pip) Aug 30, 2021
Improper Restriction of XML External Entity Reference in Quokka Critical
CVE-2020-18703 was published for quokka (pip) Aug 30, 2021
Arbitrary code injection in json-sanitizer Critical
CVE-2021-23899 was published for com.mikesamuel:json-sanitizer (Maven) Jun 16, 2021
Improper Restriction of XML External Entity Reference in MPXJ Critical
CVE-2020-25020 was published for net.sf.mpxj:mpxj (Maven) May 7, 2021
SVGlib Vulnerable to XXE Attacks Critical
CVE-2020-10799 was published for svglib (pip) May 6, 2021
XML External Entity attack in log4net Critical
CVE-2018-1285 was published for log4net (NuGet) Jan 29, 2021
ProTip! Advisories are also available from the GraphQL API