GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
232 advisories
An XML External Entity (XXE) vulnerability has been identified in Easy Tax Client Software 2023 1...
Moderate
Unreviewed
CVE-2024-9044
was published
Nov 29, 2024
An XML External Entity (XXE) vulnerability in the Import object and Translation Memory import...
Moderate
Unreviewed
CVE-2024-50848
was published
Nov 18, 2024
A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated,...
Moderate
Unreviewed
CVE-2020-26066
was published
Nov 18, 2024
A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated,...
Moderate
Unreviewed
CVE-2021-1483
was published
Nov 15, 2024
A blind XML External Entities (XXE) injection vulnerability in the Palo Alto Networks PAN-OS...
Moderate
Unreviewed
CVE-2024-5919
was published
Nov 14, 2024
A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read...
Moderate
Unreviewed
CVE-2024-20531
was published
Nov 6, 2024
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML external entity injection ...
Moderate
Unreviewed
CVE-2024-45086
was published
Nov 4, 2024
e-Tax software Version3.0.10 and earlier improperly restricts XML external entity references (XXE...
Moderate
Unreviewed
CVE-2023-46802
was published
Nov 6, 2023
Improper Restriction of XML External Entity Reference vulnerability in WP Royal Royal Elementor...
Moderate
Unreviewed
CVE-2024-50442
was published
Oct 28, 2024
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application...
Moderate
Unreviewed
CVE-2024-4690
was published
Oct 16, 2024
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application...
Moderate
Unreviewed
CVE-2024-4189
was published
Oct 16, 2024
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application...
Moderate
Unreviewed
CVE-2024-4184
was published
Oct 16, 2024
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External Entity Injection ...
Moderate
Unreviewed
CVE-2024-45072
was published
Oct 16, 2024
When the XML is read from the codes in the PDF and parsed using a DocumentBuilder, the default...
Moderate
Unreviewed
CVE-2024-8602
was published
Oct 14, 2024
An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in...
Moderate
Unreviewed
CVE-2023-5136
was published
Nov 8, 2023
TopQuadrant TopBraid EDG before version 8.0.1 allows an authenticated attacker to upload an XML...
Moderate
Unreviewed
CVE-2024-45745
was published
Sep 27, 2024
SAP Business One (B1i) - version 10.0, allows an authorized attacker to retrieve the details...
Moderate
Unreviewed
CVE-2023-41365
was published
Oct 10, 2023
An issue was discovered in OverIT Geocall before version 8.0. An authenticated user who has the...
Moderate
Unreviewed
CVE-2022-22835
was published
Mar 11, 2022
Electronic Deliverables Creation Support Tool (Construction Edition) prior to Ver1.0.4 and...
Moderate
Unreviewed
CVE-2024-21796
was published
Jan 24, 2024
Improper restriction of XML external entity references vulnerability exists in FitNesse all...
Moderate
Unreviewed
CVE-2024-28039
was published
Mar 18, 2024
In versions of Akana API Platform prior to 2024.1.0 a flaw resulting in XML External Entity (XXE)...
Moderate
Unreviewed
CVE-2024-3930
was published
Jul 30, 2024
Improper Restriction of XML External Entity Reference vulnerability in PruvaSoft Informatics...
Moderate
Unreviewed
CVE-2024-5625
was published
Jul 18, 2024
An information disclosure vulnerability exists in Progress Telerik Report Server, version 2024 Q1...
Moderate
Unreviewed
CVE-2024-4357
was published
May 15, 2024
Microsoft SharePoint Server Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2024-30043
was published
May 14, 2024
The Spreadsheet::ParseXLSX package before 0.30 for Perl allows XXE attacks because it neglects to...
Moderate
Unreviewed
CVE-2024-23525
was published
Jan 18, 2024