GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,751
Composer 4,748
Erlang 35
GitHub Actions 29
Go 2,321
Maven 5,605
npm 3,955
NuGet 712
pip 3,736
Pub 12
RubyGems 921
Rust 972
Swift 38

Unreviewed advisories

All unreviewed 257,916

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,107 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

SysAid - Okta SSO integration - was found vulnerable to XML External Entity Injection... Critical Unreviewed

CVE-2022-23170 was published Jun 25, 2022

Vulnerability that affects org.springframework.ws:spring-ws and org.springframework.ws:spring-xml Critical

CVE-2019-3773 was published for org.springframework.ws:spring-ws (Maven) Jan 25, 2019

IBM API Connect 5.0.6.0 is vulnerable to an XML External Entity Injection (XXE) attack when... High Unreviewed

CVE-2017-1322 was published May 17, 2022

Due to improper input sanitization of XML input in SAP Business One - version 10.0, an attacker... High Unreviewed

CVE-2022-35168 was published Jul 13, 2022

IBM Security Guardium 10.0 is vulnerable to a XML External Entity Injection (XXE) attack when... High Unreviewed

CVE-2017-1254 was published May 17, 2022

XML External Entity Reference in Eclipse Lyo Moderate

CVE-2021-41042 was published for org.eclipse.lyo:lyo-parent (Maven) Jul 8, 2022

An XML External Entity vulnerability in Cisco WebEx Meetings Server could allow an authenticated,... Moderate Unreviewed

CVE-2017-3811 was published May 17, 2022

Hudson XML API susceptible to External Entity Injection Vunerability prior to v3.3.2 Critical

CVE-2015-8031 was published for org.jvnet.hudson.main:hudson-core (Maven) Jul 15, 2022

XML external entity (XXE) vulnerability in Citrix XenMobile Server 9.x and 10.x before 10.5 RP3... High Unreviewed

CVE-2017-9231 was published May 17, 2022

IBM Curam Social Program Management 6.0 and 7.0 are vulnerable to a denial of service, caused by... Critical Unreviewed

CVE-2016-6111 was published May 17, 2022

An XML External Entity (XXE) issue exists in OSCI-Transport 1.2 as used in OSCI Transport Library... Critical Unreviewed

CVE-2017-10670 was published May 17, 2022

IBM Cognos Business Intelligence 10.1 and 10.2 is vulnerable to a denial of service, caused by an... Moderate Unreviewed

CVE-2016-0254 was published May 17, 2022

IBM Rhapsody DM 4.0, 5.0, and 6.0 is vulnerable to a denial of service, caused by an XML External... High Unreviewed

CVE-2016-9698 was published May 17, 2022

An XML External Entity Injection vulnerability in Juniper Networks Junos Space versions prior to... Moderate Unreviewed

CVE-2017-2308 was published May 17, 2022

IBM WebSphere Cast Iron Solution 7.0.0 and 7.5.0.0 is vulnerable to a denial of service, caused... High Unreviewed

CVE-2016-9691 was published May 17, 2022

Insufficient user input in Apache Jetspeed-2 Critical

CVE-2022-32533 was published for org.apache.portals.jetspeed-2:jetspeed-commons (Maven) Jul 7, 2022

IBM QRadar 7.2 is vulnerable to a denial of service, caused by an XML External Entity Injection ... High Unreviewed

CVE-2016-9724 was published May 17, 2022

It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform... Critical Unreviewed

CVE-2017-7503 was published May 17, 2022

IBM InfoSphere Information Server is vulnerable to a denial of service, caused by an XML External... High Unreviewed

CVE-2016-6059 was published May 17, 2022

IBM Team Concert (RTC) is vulnerable to a denial of service, caused by an XML External Entity... High Unreviewed

CVE-2017-1103 was published May 17, 2022

IBM Jazz Foundation is vulnerable to a denial of service, caused by an XML External Entity... High Unreviewed

CVE-2016-9707 was published May 17, 2022

IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 is vulnerable to an XML... High Unreviewed

CVE-2022-22358 was published Jul 20, 2022

WatchGuard Fireware v11.12.1 and earlier mishandles requests referring to an XML External Entity ... Moderate Unreviewed

CVE-2017-8056 was published May 17, 2022

External Entity Processing (XXE) vulnerability in the "risk score" application of NetIQ Access... Moderate Unreviewed

CVE-2016-5748 was published May 17, 2022

XML entity injection in Junos Space before 15.2R2 allows attackers to cause a denial of service. Moderate Unreviewed

CVE-2016-4931 was published May 17, 2022

Previous 1 2 3 4 5 6 … 44 45 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,107 advisories