GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,139
Composer 4,333
Erlang 31
GitHub Actions 21
Go 2,094
Maven 5,264
npm 3,759
NuGet 678
pip 3,445
Pub 12
RubyGems 892
Rust 882
Swift 37

Unreviewed advisories

All unreviewed 242,471

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

730 advisories

Filter by severity

Sort by

Least recently updated

Pega Platform from 6.x to 8.8.4 is affected by an XXE issue with PDF Generation. High Unreviewed

CVE-2023-50168 was published Mar 14, 2024

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 is vulnerable to an... Moderate Unreviewed

CVE-2023-25926 was published Feb 29, 2024

An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x,... High Unreviewed

CVE-2024-22024 was published Feb 13, 2024

SAP NetWeaver AS Java (CAF - Guided Procedures) - version 7.50, allows an unauthenticated... High Unreviewed

CVE-2024-24743 was published Feb 13, 2024

The XML parser in Magic xpi Integration Platform 4.13.4 allows XXE attacks, e.g., via onItemImport. Moderate Unreviewed

CVE-2023-52239 was published Feb 6, 2024

IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0... High Unreviewed

CVE-2023-32327 was published Feb 3, 2024

When SEW-EURODRIVE MOVITOOLS MotionStudio processes XML information unrestricted file access can... Moderate Unreviewed

CVE-2024-1167 was published Feb 1, 2024

Improper Restriction of XML External Entity Reference vulnerability in OpenText AppBuilder on... Moderate Unreviewed

CVE-2023-4554 was published Jan 29, 2024

Electronic Delivery Check System (Ministry of Agriculture, Forestry and Fisheries The Agriculture... Moderate Unreviewed

CVE-2024-22380 was published Jan 24, 2024

Electronic Delivery Check System (Doboku) Ver.18.1.0 and earlier, Electronic Delivery Check... Moderate Unreviewed

CVE-2024-21765 was published Jan 24, 2024

Electronic Deliverables Creation Support Tool (Construction Edition) prior to Ver1.0.4 and... Moderate Unreviewed

CVE-2024-21796 was published Jan 24, 2024

The Spreadsheet::ParseXLSX package before 0.30 for Perl allows XXE attacks because it neglects to... Moderate Unreviewed

CVE-2024-23525 was published Jan 18, 2024

An issue found in NetScout nGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code... Critical Unreviewed

CVE-2023-26999 was published Jan 9, 2024

Unified Remote 3.13.0 allows remote attackers to execute arbitrary Lua code because of a... Critical Unreviewed

CVE-2023-52252 was published Dec 30, 2023

An unauthenticated could abuse a XXE vulnerability in the Smart Device Server to leak data or... Moderate Unreviewed

CVE-2023-46265 was published Dec 19, 2023

An XXE (XML External Entity) vulnerability has been detected in 52North WPS affecting versions... High Unreviewed

CVE-2023-6280 was published Dec 19, 2023

An XEE vulnerability has been found in Repox, which allows a remote attacker to interfere with... High Unreviewed

CVE-2023-6721 was published Dec 13, 2023

In Eclipse Memory Analyzer versions 0.7 to 1.14.0, report definition XML files are not filtered... Low Unreviewed

CVE-2023-6194 was published Dec 11, 2023

Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Restriction of XML... High Unreviewed

CVE-2023-22274 was published Nov 17, 2023

A vulnerability has been identified in Siemens OPC UA Modelling Editor (SiOME) (All versions < V2... High Unreviewed

CVE-2023-46590 was published Nov 14, 2023

An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in... Moderate Unreviewed

CVE-2023-5136 was published Nov 8, 2023

e-Tax software Version3.0.10 and earlier improperly restricts XML external entity references (XXE... Moderate Unreviewed

CVE-2023-46802 was published Nov 6, 2023

An issue was discovered in VERMEG AgileReporter 21.3. XXE can occur via an XML document to the... Moderate Unreviewed

CVE-2022-34832 was published Oct 27, 2023

Dell Unity prior to 5.3 contains an XML External Entity injection vulnerability. An XXE attack... Moderate Unreviewed

CVE-2023-43067 was published Oct 23, 2023

CX-Designer Ver.3.740 and earlier (included in CX-One CXONE-AL[][]D-V4) contains an improper... Moderate Unreviewed

CVE-2023-43624 was published Oct 23, 2023

Previous 1 2 3 4 5 6 … 29 30 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

730 advisories