GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,048 advisories
XXE vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Replication Manager...
Moderate
Unreviewed
CVE-2017-9295 was published May 17, 2022
It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform...
Critical
Unreviewed
CVE-2017-7503 was published May 17, 2022
IBM Team Concert (RTC) is vulnerable to a denial of service, caused by an XML External Entity...
High
Unreviewed
CVE-2017-1103 was published May 17, 2022
IBM InfoSphere Information Server is vulnerable to a denial of service, caused by an XML External...
High
Unreviewed
CVE-2016-6059 was published May 17, 2022
IBM Jazz Foundation is vulnerable to a denial of service, caused by an XML External Entity...
High
Unreviewed
CVE-2016-9707 was published May 17, 2022
IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SaaS 22.2 is vulnerable to an XML...
High
Unreviewed
CVE-2022-22358 was published Jul 20, 2022
WatchGuard Fireware v11.12.1 and earlier mishandles requests referring to an XML External Entity ...
Moderate
Unreviewed
CVE-2017-8056 was published May 17, 2022
External Entity Processing (XXE) vulnerability in the "risk score" application of NetIQ Access...
Moderate
Unreviewed
CVE-2016-5748 was published May 17, 2022
XML entity injection in Junos Space before 15.2R2 allows attackers to cause a denial of service.
Moderate
Unreviewed
CVE-2016-4931 was published May 17, 2022
XML external entity vulnerability in PRTG Network Monitor before 16.2.23.3077/3078 allows remote...
Moderate
Unreviewed
CVE-2015-7743 was published May 17, 2022
Unit4 ERP through 7.9 allows XXE via ExecuteServerProcessAsynchronously.
Moderate
Unreviewed
CVE-2022-34001 was published Jul 20, 2022
XML External Entity (XXE) Vulnerability in /SSOPOST/metaAlias/%realm%/idpv2 in OpenAM - Access...
High
Unreviewed
CVE-2016-10097 was published May 17, 2022
IBM UrbanCode Deploy (UCD) 6.0, 6.1, and 6.2 is vulnerable to a denial of service, caused by an...
High
Unreviewed
CVE-2017-1149 was published May 17, 2022
IBM Integration Bus 9.0 and 10.0 and WebSphere Message Broker SOAP FLOWS is vulnerable to a...
Critical
Unreviewed
CVE-2016-9706 was published May 17, 2022
XML External Entity (XXE) vulnerability in Grails PDF Plugin 0.6 allows remote attackers to read...
Moderate
Unreviewed
CVE-2017-6344 was published May 17, 2022
An XML External Entity (XXE) issue was discovered in Emerson Liebert SiteScan Web Version 6.5,...
Critical
Unreviewed
CVE-2016-8348 was published May 17, 2022
Dell Integrated Remote Access Controller (iDRAC) 7/8 before 2.21.21.21 has XXE.
Critical
Unreviewed
CVE-2015-7273 was published May 17, 2022
perl-Image-Info: When parsing an SVG file, external entity expansion (XXE) was not disabled. An...
High
Unreviewed
CVE-2016-9181 was published May 17, 2022
USB Pratirodh allows remote attackers to conduct XML External Entity (XXE) attacks via XML data...
Critical
Unreviewed
CVE-2017-6895 was published May 17, 2022
NetIQ Access Manager 4.1 before 4.1.2 HF 1 and 4.2 before 4.2.2 was parsing incoming SAML...
Moderate
Unreviewed
CVE-2016-5749 was published May 17, 2022
Apache CloudStack version 4.5.0 and later has a SAML 2.0 authentication Service Provider plugin...
Critical
Unreviewed
CVE-2022-35741 was published Jul 19, 2022
IBM Rhapsody DM 4.0, 5.0 and 6.0 is vulnerable to a denial of service, caused by an XML External...
High
Unreviewed
CVE-2016-8974 was published May 17, 2022
IBM BigFix Inventory v9 is vulnerable to a denial of service, caused by an XML External Entity...
High
Unreviewed
CVE-2016-8980 was published May 17, 2022
OpenKM Community Edition in its 6.3.10 version and before was using XMLReader parser in...
Critical
Unreviewed
CVE-2022-2131 was published Jul 26, 2022
IBM DataPower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.8, 10.5.0.0, and 2018.4...
Critical
Unreviewed
CVE-2022-31775 was published Aug 2, 2022