GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,048 advisories
Filter by severity
IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 is vulnerable to an...
High
Unreviewed
CVE-2024-39726
was published
Nov 15, 2024
Improper Restriction of XML External Entity Reference in dompdf/dompdf
Critical
CVE-2021-3902
was published
for
dompdf/dompdf
(Composer)
Nov 15, 2024
A blind XML External Entities (XXE) injection vulnerability in the Palo Alto Networks PAN-OS...
Moderate
Unreviewed
CVE-2024-5919
was published
Nov 14, 2024
XSS Attack in mar.jar, Monitoring Archive Utility (MAR Utility), monitoringconsolecommon.jar in...
Critical
Unreviewed
CVE-2024-10218
was published
Nov 12, 2024
XXE vulnerability in XSLT parsing in `org.hl7.fhir.core`
High
CVE-2024-52007
was published
for
ca.uhn.hapi.fhir:org.hl7.fhir.dstu2016may
(Maven)
Nov 8, 2024
Zohocorp ManageEngine SharePoint Manager Plus versions 4503 and prior are vulnerable to...
High
Unreviewed
CVE-2024-10839
was published
Nov 8, 2024
PHPExcel XXE Vulnerability
High
CVE-2015-3542
was published
for
phpoffice/phpexcel
(Composer)
Nov 7, 2024
A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read...
Moderate
Unreviewed
CVE-2024-20531
was published
Nov 6, 2024
HAPI FHIR XML External Entity (XXE) vulnerability
High
CVE-2024-51132
was published
for
ca.uhn.hapi.fhir:org.hl7.fhir.convertors
(Maven)
Nov 5, 2024
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML external entity injection ...
Moderate
Unreviewed
CVE-2024-45086
was published
Nov 4, 2024
An XML External Entity (XXE) vulnerability in Dmoz2CSV in openimaj v1.3.10 allows attackers to...
Critical
Unreviewed
CVE-2024-51136
was published
Nov 4, 2024
Improper Restriction of XML External Entity Reference vulnerability in WP Royal Royal Elementor...
Moderate
Unreviewed
CVE-2024-50442
was published
Oct 28, 2024
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External Entity Injection ...
Moderate
Unreviewed
CVE-2024-45072
was published
Oct 16, 2024
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application...
Moderate
Unreviewed
CVE-2024-4189
was published
Oct 16, 2024
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application...
Moderate
Unreviewed
CVE-2024-4184
was published
Oct 16, 2024
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application...
Moderate
Unreviewed
CVE-2024-4690
was published
Oct 16, 2024
When the XML is read from the codes in the PDF and parsed using a DocumentBuilder, the default...
Moderate
Unreviewed
CVE-2024-8602
was published
Oct 14, 2024
Apache XML Graphics FOP XML External Entity Reference ('XXE') vulnerability
Moderate
CVE-2024-28168
was published
for
org.apache.xmlgraphics:fop-core
(Maven)
Oct 9, 2024
Dell AppSync Server, version 4.3 through 4.6, contains an XML External Entity Injection...
Low
Unreviewed
CVE-2024-39586
was published
Oct 9, 2024
XXE in PHPSpreadsheet's XLSX reader
High
CVE-2024-45293
was published
for
phpoffice/phpspreadsheet
(Composer)
Oct 7, 2024
TopQuadrant TopBraid EDG before version 8.0.1 allows an authenticated attacker to upload an XML...
Moderate
Unreviewed
CVE-2024-45745
was published
Sep 27, 2024
DataEase has an XML External Entity Reference vulnerability
High
CVE-2024-46985
was published
for
io.dataease:common
(Maven)
Sep 23, 2024
Gematik Referenzvalidator has an XXE vulnerability that can lead to a Server Side Request Forgery attack
High
CVE-2024-46984
was published
for
de.gematik.refv.commons:commons
(Maven)
Sep 19, 2024
Kimai has an XXE Leading to Local File Read
High
GHSA-534c-hcr7-67jg
was published
for
kimai/kimai
(Composer)
Sep 17, 2024
Improper Restriction of XML External Entity Reference vulnerability in SFS Consulting ww.Winsure...
Critical
Unreviewed
CVE-2024-7098
was published
Sep 16, 2024
ProTip!
Advisories are also available from the
GraphQL API