GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
311 advisories
Filter by severity
IBM App Connect V11.0.0.0 through V11.0.0.1, IBM Integration Bus V10.0.0.0 through V10.0.0.13,...
Moderate
Unreviewed
CVE-2018-1801
was published
May 13, 2022
An External XML entity (XXE) vulnerability in ePO prior to 5.10 Update 14 can lead to an...
Moderate
Unreviewed
CVE-2022-3338
was published
Oct 18, 2022
In WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2...
Moderate
Unreviewed
CVE-2018-17889
was published
May 13, 2022
The TIBCO Administrator server component of TIBCO Software Inc.'s TIBCO Administrator -...
Moderate
Unreviewed
CVE-2018-5433
was published
May 13, 2022
The TIBCO Designer component of TIBCO Software Inc.'s TIBCO Runtime Agent, and TIBCO Runtime...
Moderate
Unreviewed
CVE-2018-5434
was published
May 13, 2022
Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by an...
Moderate
Unreviewed
CVE-2022-38419
was published
Oct 15, 2022
A vulnerability in the web-based UI of Cisco Secure Access Control Server could allow an...
Moderate
Unreviewed
CVE-2018-0414
was published
May 13, 2022
A vulnerability in the Profile Editor of the Cisco AnyConnect Secure Mobility Client could allow...
Moderate
Unreviewed
CVE-2018-0100
was published
May 13, 2022
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to...
Moderate
Unreviewed
CVE-2018-0108
was published
May 13, 2022
Unspecified vulnerability in HP WebInspect 7.x through 10.4 before 10.4 update 1 allows remote...
Moderate
Unreviewed
CVE-2015-2125
was published
May 13, 2022
XML External Entity Reference in jbpmmigration
Moderate
CVE-2017-7545
was published
for
org.jbpm.jbpm5:jbpmmigration
(Maven)
May 13, 2022
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products ...
Moderate
Unreviewed
CVE-2017-3548
was published
May 13, 2022
An XML External Entity vulnerability in the web-based user interface of the Cisco Secure Access...
Moderate
Unreviewed
CVE-2017-3839
was published
May 13, 2022
The Microsoft Common Console Document (.msc) in Microsoft Windows 7 SP1, Windows Server 2008 SP2...
Moderate
Unreviewed
CVE-2017-8710
was published
May 13, 2022
An XML external entity (XXE) injection vulnerability in Kwoksys Kwok Information Server before v2...
Moderate
Unreviewed
CVE-2022-45326
was published
Dec 6, 2022
SLD Registration in SAP HANA (fixed in versions 1.0, 2.0) does not sufficiently validate an XML...
Moderate
Unreviewed
CVE-2019-0284
was published
May 14, 2022
The administration backup restore resource in Atlassian Crowd before version 3.0.2 and from...
Moderate
Unreviewed
CVE-2017-18110
was published
May 14, 2022
An XML External Entity Injection (XXE) vulnerability in the Management System (console) of...
Moderate
Unreviewed
CVE-2019-8997
was published
May 14, 2022
SAP HANA extended application services, version 1, advanced does not sufficiently validate an XML...
Moderate
Unreviewed
CVE-2019-0277
was published
May 14, 2022
Windows System Information Console in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows...
Moderate
Unreviewed
CVE-2017-8557
was published
May 14, 2022
FreePlane version 1.5.9 and earlier contains a XML External Entity (XXE) vulnerability in XML...
Moderate
Unreviewed
CVE-2018-1000069
was published
May 14, 2022
SLD Registration of ABAP Platform allows an attacker to prevent legitimate users from accessing a...
Moderate
Unreviewed
CVE-2019-0265
was published
May 14, 2022
HornetQ REST vulnerable to Improper Restriction of XML External Entity Reference
Moderate
CVE-2014-3599
was published
for
org.hornetq.rest:hornetq-rest
(Maven)
May 24, 2022
S3 Browser before 8.1.5 contains an XML external entity (XXE) vulnerability, allowing remote...
Moderate
Unreviewed
CVE-2018-20298
was published
May 14, 2022
The Upload add-on resource in Atlassian Universal Plugin Manager before version 2.22.14 allows...
Moderate
Unreviewed
CVE-2018-20233
was published
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API