GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,672
Composer 4,466
Erlang 33
GitHub Actions 23
Go 2,167
Maven 5,398
npm 3,830
NuGet 696
pip 3,508
Pub 12
RubyGems 910
Rust 906
Swift 38

Unreviewed advisories

All unreviewed 247,876

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

322 advisories

Filter by severity

Sort by

Least recently updated

IBM Aspera Shares 1.9.9 through 1.10.0 PL7 is vulnerable to an XML external entity injection (XXE... High Unreviewed

CVE-2025-0162 was published Mar 7, 2025

IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages is vulnerable to an XML external entity... High Unreviewed

CVE-2024-49781 was published Feb 20, 2025

IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 is vulnerable to... High Unreviewed

CVE-2023-47160 was published Feb 19, 2025

IBM EntireX 11.1 is vulnerable to an XML external entity injection (XXE) attack when processing... High Unreviewed

CVE-2024-54171 was published Feb 6, 2025

IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and... High Unreviewed

CVE-2024-49352 was published Feb 5, 2025

An XML External Entity (XXE) vulnerability exists in the Ambari/Oozie project, allowing an... High Unreviewed

CVE-2025-23195 was published Jan 22, 2025

In multiple functions of UserDictionaryProvider.java, there is a possible way to add and delete... High Unreviewed

CVE-2018-9375 was published Jan 18, 2025

CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could... High Unreviewed

CVE-2024-12476 was published Jan 17, 2025

An issue was discovered in Elspec G5 digital fault recorder version 1.2.1.12 and earlier. An XML... High Unreviewed

CVE-2024-46602 was published Jan 7, 2025

An XML External Entity (XXE) vulnerability in Elspec Engineering G5 Digital Fault Recorder... High Unreviewed

CVE-2024-46603 was published Jan 7, 2025

An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow... High Unreviewed

CVE-2024-11622 was published Nov 27, 2024

An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow... High Unreviewed

CVE-2024-53674 was published Nov 27, 2024

An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow... High Unreviewed

CVE-2024-53675 was published Nov 27, 2024

Possible XML External Entity Injection in iManager GET parameter has been discovered in... High Unreviewed

CVE-2023-24466 was published Nov 22, 2024

IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 is vulnerable to an... High Unreviewed

CVE-2024-39726 was published Nov 15, 2024

Zohocorp ManageEngine SharePoint Manager Plus versions 4503 and prior are vulnerable to... High Unreviewed

CVE-2024-10839 was published Nov 8, 2024

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component:... High Unreviewed

CVE-2024-21255 was published Oct 15, 2024

An External XML Entity (XXE) vulnerability in the provisioning web service of Ivanti EPM before... High Unreviewed

CVE-2024-37397 was published Sep 12, 2024

Loftware Spectrum before 4.6 HF14 allows authenticated XXE attacks. High Unreviewed

CVE-2023-37233 was published Sep 10, 2024

XML External Entity (XXE) vulnerability in Terminalfour 8.0.0001 through 8.3.18 and XML JDBC... High Unreviewed

CVE-2024-22218 was published Aug 15, 2024

XXE in SmartDeviceServer in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to... High Unreviewed

CVE-2024-38653 was published Aug 14, 2024

The "soap_cgi.pyc" API handler allows the XML body of SOAP requests to contain references to... High Unreviewed

CVE-2024-6893 was published Aug 8, 2024

IBM Engineering Requirements Management DOORS Web Access 9.7.2.8 is vulnerable to an XML External... High Unreviewed

CVE-2023-50304 was published Jul 18, 2024

When the Kiuwan Local Analyzer uploads the scan results to the Kiuwan SAST web application ... High Unreviewed

CVE-2023-49110 was published Jun 20, 2024

IBM Engineering Requirements Management DOORS Next 7.0.2 and 7.0.3 is vulnerable to an XML... High Unreviewed

CVE-2023-45192 was published Jun 6, 2024

Previous 1 2 3 4 5 … 12 13 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

322 advisories