Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,670
Maven
5,000+
npm
4,296
NuGet
760
pip
4,075
Pub
12
RubyGems
957
Rust
1,058
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,160 advisories

Loading
A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated,... Moderate Unreviewed
CVE-2020-26066 was published Nov 18, 2024
A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated,... Moderate Unreviewed
CVE-2021-1483 was published Nov 15, 2024
IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 is vulnerable to an... High Unreviewed
CVE-2024-39726 was published Nov 15, 2024
Improper Restriction of XML External Entity Reference in dompdf/dompdf Critical
CVE-2021-3902 was published for dompdf/dompdf (Composer) Nov 15, 2024
A blind XML External Entities (XXE) injection vulnerability in the Palo Alto Networks PAN-OS... Moderate Unreviewed
CVE-2024-5919 was published Nov 14, 2024
XSS Attack in mar.jar, Monitoring Archive Utility (MAR Utility), monitoringconsolecommon.jar in... Critical Unreviewed
CVE-2024-10218 was published Nov 12, 2024
XXE vulnerability in XSLT parsing in `org.hl7.fhir.core` High
CVE-2024-52007 was published for ca.uhn.hapi.fhir:org.hl7.fhir.dstu2016may (Maven) Nov 8, 2024
soaringlion
Credited to soaringlion
Zohocorp ManageEngine SharePoint Manager Plus versions 4503 and prior are vulnerable to... High Unreviewed
CVE-2024-10839 was published Nov 8, 2024
PHPExcel XXE Vulnerability High
CVE-2015-3542 was published for phpoffice/phpexcel (Composer) Nov 7, 2024
A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read... Moderate Unreviewed
CVE-2024-20531 was published Nov 6, 2024
HAPI FHIR XML External Entity (XXE) vulnerability High
CVE-2024-51132 was published for ca.uhn.hapi.fhir:org.hl7.fhir.convertors (Maven) Nov 5, 2024
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML external entity injection ... Moderate Unreviewed
CVE-2024-45086 was published Nov 4, 2024
An XML External Entity (XXE) vulnerability in Dmoz2CSV in openimaj v1.3.10 allows attackers to... Critical Unreviewed
CVE-2024-51136 was published Nov 4, 2024
Improper Restriction of XML External Entity Reference vulnerability in WP Royal Royal Elementor... Moderate Unreviewed
CVE-2024-50442 was published Oct 28, 2024
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application... Moderate Unreviewed
CVE-2024-4189 was published Oct 16, 2024
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application... Moderate Unreviewed
CVE-2024-4184 was published Oct 16, 2024
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application... Moderate Unreviewed
CVE-2024-4690 was published Oct 16, 2024
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External Entity Injection ... Moderate Unreviewed
CVE-2024-45072 was published Oct 16, 2024
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component:... High Unreviewed
CVE-2024-21255 was published Oct 15, 2024
When the XML is read from the codes in the PDF and parsed using a DocumentBuilder, the default... Moderate Unreviewed
CVE-2024-8602 was published Oct 14, 2024
Apache XML Graphics FOP XML External Entity Reference ('XXE') vulnerability Moderate
CVE-2024-28168 was published for org.apache.xmlgraphics:fop-core (Maven) Oct 9, 2024
westonsteimel
Credited to westonsteimel
Dell AppSync Server, version 4.3 through 4.6, contains an XML External Entity Injection... Low Unreviewed
CVE-2024-39586 was published Oct 9, 2024
XXE in PHPSpreadsheet's XLSX reader High
CVE-2024-45293 was published for phpoffice/phpexcel (Composer) Oct 7, 2024
0xshade ixSly
Credited to 0xshade and ixSly
TopQuadrant TopBraid EDG before version 8.0.1 allows an authenticated attacker to upload an XML... Moderate Unreviewed
CVE-2024-45745 was published Sep 27, 2024
DataEase has an XML External Entity Reference vulnerability High
CVE-2024-46985 was published for io.dataease:common (Maven) Sep 23, 2024
flylzj
Credited to flylzj
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database