GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,048 advisories
Filter by severity
Improper Restriction of XML External Entity Reference in soa-model
Critical
CVE-2021-43090
was published
for
com.predic8:soa-model-core
(Maven)
Mar 26, 2022
GE Gas Power ToolBoxST Version v04.07.05C suffers from an XML external entity (XXE) vulnerability...
High
Unreviewed
CVE-2021-44477
was published
Mar 26, 2022
A XML Extended entity vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10...
Moderate
Unreviewed
CVE-2022-0861
was published
Mar 24, 2022
The wechat_return function in /controller/Index.php of EyouCms V1.5.4-UTF8-SP3 passes the user's...
High
Unreviewed
CVE-2021-42194
was published
Mar 22, 2022
XML external entity (XXE) attacks in Jenkins Xcode integration Plugin
High
CVE-2021-21656
was published
for
org.jenkins-ci.plugins:xcode-plugin
(Maven)
Mar 18, 2022
XML external entity (XXE) injection in Apache Nutch
Critical
CVE-2021-23901
was published
for
org.apache.nutch:nutch
(Maven)
Mar 18, 2022
XML External Entities Vulnerability in CVRF-CSAF-Converter
Moderate
CVE-2022-27193
was published
for
cvrf2csaf
(pip)
Mar 16, 2022
Agent-to-controller security bypass in Jenkins Semantic Versioning Plugin
High
CVE-2022-27201
was published
for
org.jenkins-ci.plugins:semantic-versioning-plugin
(Maven)
Mar 16, 2022
Signiant - Manager+Agents XML External Entity (XXE) - Extract internal files of the affected...
Critical
Unreviewed
CVE-2022-22795
was published
Mar 11, 2022
An issue was discovered in OverIT Geocall before version 8.0. An authenticated user who has the...
Moderate
Unreviewed
CVE-2022-22835
was published
Mar 11, 2022
Improper Restriction of XML External Entity Reference in trytond and proteus
Moderate
CVE-2022-26661
was published
for
proteus
(pip)
Mar 11, 2022
Improper Restriction of XML External Entity Reference in Any23
Critical
CVE-2022-25312
was published
for
org.apache.any23:apache-any23
(Maven)
Mar 6, 2022
Improper Restriction of XML External Entity Reference in Liquibase
Critical
CVE-2022-0839
was published
for
org.liquibase:liquibase-core
(Maven)
Mar 5, 2022
XML External Entity Reference in Hazelcast
Critical
CVE-2022-0265
was published
for
com.hazelcast:hazelcast
(Maven)
Mar 4, 2022
Improper Restriction of XML External Entity Reference in com.monitorjbl:xlsx-streamer
Critical
CVE-2022-23640
was published
for
com.monitorjbl:xlsx-streamer
(Maven)
Mar 2, 2022
In JetBrains TeamCity before 2021.2.1, XXE during the parsing of the configuration file was...
Critical
Unreviewed
CVE-2022-24340
was published
Feb 26, 2022
A local, authenticated attacker could use an XML External Entity (XXE) attack to exploit weakly...
High
Unreviewed
CVE-2020-14478
was published
Feb 25, 2022
Improper Restriction of XML External Entity Reference in Jenkins Chef Sinatra
High
CVE-2022-25209
was published
for
org.jenkins-ci.plugins:sinatra-chef-builder
(Maven)
Feb 16, 2022
Improper Restriction of XML External Entity Reference in Magnolia CMS
High
CVE-2021-46365
was published
for
info.magnolia:magnolia-core
(Maven)
Feb 12, 2022
Improper restriction of XML external entity reference in DSP Builder Pro for Intel(R) Quartus(R)...
High
Unreviewed
CVE-2022-21205
was published
Feb 11, 2022
Improper restriction of XML external entity for Intel(R) Quartus(R) Prime Pro Edition before...
High
Unreviewed
CVE-2022-21220
was published
Feb 11, 2022
Improper Restriction of XML External Entity Reference
High
CVE-2020-13692
was published
for
org.postgresql:postgresql
(Maven)
Feb 10, 2022
Signiant Manager+Agents before 15.1 allows XML External Entity (XXE) attacks.
Critical
Unreviewed
CVE-2021-46660
was published
Jan 31, 2022
On BIG-IP FPS, ASM, and Advanced WAF versions 16.1.x before 16.1.1, 15.1.x before 15.1.4, and 14...
Moderate
Unreviewed
CVE-2022-23031
was published
Jan 26, 2022
IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 is vulnerable to an XML External Entity...
High
Unreviewed
CVE-2020-4876
was published
Jan 22, 2022
ProTip!
Advisories are also available from the
GraphQL API