GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,740
Composer 4,239
Erlang 31
GitHub Actions 21
Go 2,007
Maven 5,196
npm 3,716
NuGet 662
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,952

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

232 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability in the Profile Editor of the Cisco AnyConnect Secure Mobility Client could allow... Moderate Unreviewed

CVE-2018-0100 was published May 13, 2022

A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to... Moderate Unreviewed

CVE-2018-0108 was published May 13, 2022

A vulnerability in the web-based UI of Cisco Secure Access Control Server could allow an... Moderate Unreviewed

CVE-2018-0414 was published May 13, 2022

In WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2... Moderate Unreviewed

CVE-2018-17889 was published May 13, 2022

IBM App Connect V11.0.0.0 through V11.0.0.1, IBM Integration Bus V10.0.0.0 through V10.0.0.13,... Moderate Unreviewed

CVE-2018-1801 was published May 13, 2022

The TIBCO Administrator server component of TIBCO Software Inc.'s TIBCO Administrator -... Moderate Unreviewed

CVE-2018-5433 was published May 13, 2022

The TIBCO Designer component of TIBCO Software Inc.'s TIBCO Runtime Agent, and TIBCO Runtime... Moderate Unreviewed

CVE-2018-5434 was published May 13, 2022

External Entity Attack vulnerability in the ePO extension in McAfee Common UI (CUI) 2.0.2 allows... Moderate Unreviewed

CVE-2018-6670 was published May 13, 2022

A vulnerability in the web-based user interface of Cisco Internet of Things Field Network... Moderate Unreviewed

CVE-2019-1698 was published May 13, 2022

The _clone function in XML::LibXML before 2.0119 does not properly set the expand_entities option... Moderate Unreviewed

CVE-2015-3451 was published May 13, 2022

A vulnerability in the web-based user interface of the Cisco Secure Access Control Server prior... Moderate Unreviewed

CVE-2018-0207 was published May 13, 2022

A vulnerability in the web-based user interface of the Cisco Secure Access Control Server prior... Moderate Unreviewed

CVE-2018-0218 was published May 13, 2022

IBM Security Access Manager for Web is vulnerable to a denial of service, caused by an XML... Moderate Unreviewed

CVE-2016-3027 was published May 13, 2022

XML external entity (XXE) vulnerability in Geist WatchDog Console 3.2.2 allows remote... Moderate Unreviewed

CVE-2018-10077 was published May 13, 2022

XML external entity (XXE) vulnerability in com.sap.km.cm.ice in SAP NetWeaver AS JAVA 7.5 allows... Moderate Unreviewed

CVE-2017-11457 was published May 13, 2022

In Single Sign-On for Pivotal Cloud Foundry (PCF) 1.3.x versions prior to 1.3.4 and 1.4.x... Moderate Unreviewed

CVE-2017-8040 was published May 13, 2022

expat 2.1.0 and earlier does not properly handle entities expansion unless an application... Moderate Unreviewed

CVE-2013-0340 was published May 5, 2022

Talend Administration Center has a vulnerability that allows an authenticated user to use XML... Moderate Unreviewed

CVE-2022-29943 was published May 5, 2022

Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice... Moderate Unreviewed

CVE-2012-0037 was published May 4, 2022

In four instances DMARS (All versions prior to v2.1.10.24) does not properly restrict references... Moderate Unreviewed

CVE-2022-1331 was published May 4, 2022

The Adobe Reader control in Adobe Reader and Acrobat 7.0 and 7.0.1 allows remote attackers to... Moderate Unreviewed

CVE-2005-1306 was published May 1, 2022

BC-BMT-BPM-DSK in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML... Moderate Unreviewed

CVE-2016-9563 was published Apr 30, 2022

The affected product is vulnerable to a network-based attack by threat actors supplying a crafted... Moderate Unreviewed

CVE-2021-43990 was published Apr 21, 2022

A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could... Moderate Unreviewed

CVE-2022-0221 was published Apr 14, 2022

When opening a malicious solution file provided by an attacker, the application suffers from an... Moderate Unreviewed

CVE-2022-1018 was published Apr 3, 2022

Previous 1 2 … 6 7 8 9 10 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

232 advisories