Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,675
Maven
5,000+
npm
4,297
NuGet
760
pip
4,077
Pub
12
RubyGems
957
Rust
1,058
Swift
45
Unreviewed advisories
All unreviewed
5,000+

370 advisories

Loading
WSO2 Carbon Mediation vulnerable to XML External Entity (XXE) attacks Moderate
CVE-2025-10713 was published for org.wso2.carbon.mediation:org.wso2.carbon.localentry (Maven) Nov 5, 2025
GFI MailEssentials prior to version 21.8 is vulnerable to an XML External Entity (XXE) issue. An... Moderate Unreviewed
CVE-2025-34490 was published Apr 28, 2025
An XML External Entity (XXE) injection vulnerability exists in ETQ Reliance on the CG (legacy)... Moderate Unreviewed
CVE-2025-34142 was published Jul 22, 2025
CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could... Moderate Unreviewed
CVE-2025-6438 was published Jul 11, 2025
Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper... Moderate Unreviewed
CVE-2025-46425 was published Oct 24, 2025
BC-BMT-BPM-DSK in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML... Moderate Unreviewed
CVE-2016-9563 was published Apr 30, 2022
An XML External Entity (XXE) vulnerability in the Import object and Translation Memory import... Moderate Unreviewed
CVE-2024-50848 was published Nov 18, 2024
Eclipse JGit XML External Entity (XXE) Vulnerability Moderate
CVE-2025-4949 was published for org.eclipse.jgit:org.eclipse.jgit (Maven) May 21, 2025
A vulnerability, which was classified as problematic, was found in zhangyanbo2007 youkefu up to 4... Moderate Unreviewed
CVE-2025-3241 was published Apr 4, 2025
A vulnerability was found in Jinher OA up to 1.2. This impacts an unknown function of the file ... Moderate Unreviewed
CVE-2025-10092 was published Sep 8, 2025
A vulnerability has been found in Jinher OA up to 1.2. This affects an unknown function of the... Moderate Unreviewed
CVE-2025-10091 was published Sep 8, 2025
A vulnerability was determined in Jinher OA 2.0. The impacted element is an unknown function of... Moderate Unreviewed
CVE-2025-11035 was published Sep 26, 2025
In Splunk Enterprise versions below 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versions... Moderate Unreviewed
CVE-2025-20369 was published Oct 1, 2025
A vulnerability was identified in Bjskzy Zhiyou ERP up to 11.0. Affected by this vulnerability is... Moderate Unreviewed
CVE-2025-11140 was published Sep 29, 2025
A security flaw has been discovered in Jinher OA 2.0. This affects an unknown part of the file ... Moderate Unreviewed
CVE-2025-10816 was published Sep 23, 2025
Akamai CloudTest before 60 2025.06.02 (12988) allows file inclusion via XML External Entity (XXE)... Moderate Unreviewed
CVE-2025-49493 was published Jun 30, 2025
Improper Restriction of XML External Entity Reference in Castor Moderate
CVE-2014-3004 was published for org.castor:castor (Maven) May 13, 2022
AndrzejBiernacki2010
Credited to AndrzejBiernacki2010
A vulnerability was found in Jinher OA 1.1. It has been rated as problematic. This issue affects... Moderate Unreviewed
CVE-2025-7824 was published Jul 19, 2025
Delta Electronics EIP Builder version 1.11 is vulnerable to a File Parsing XML External Entity... Moderate Unreviewed
CVE-2025-57704 was published Aug 26, 2025
Dell CloudLink, versions 8.0 through 8.1.1, contains an Improper Restriction of XML External... Moderate Unreviewed
CVE-2025-26484 was published Aug 14, 2025
A vulnerability has been identified in SIMOTION SCOUT TIA V5.4 (All versions), SIMOTION SCOUT TIA... Moderate Unreviewed
CVE-2025-40584 was published Aug 12, 2025
Dell SmartFabric OS10 Software, versions prior to 10.6.0.5, contains an Improper Restriction of... Moderate Unreviewed
CVE-2025-36608 was published Jul 30, 2025
SolarWinds Web Help Desk was reported to be affected by an XML External Entity Injection (XXE)... Moderate Unreviewed
CVE-2025-26400 was published Jul 29, 2025
Dell AppSync, version(s) 4.6.0.0, contains an Improper Restriction of XML External Entity... Moderate Unreviewed
CVE-2025-36603 was published Jul 21, 2025
agorum Software GmbH Agorum core open v11.9.2 & v11.10.1 was discovered to contain an XML... Moderate Unreviewed
CVE-2025-52162 was published Jul 18, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database