GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,286
Composer 4,356
Erlang 33
GitHub Actions 22
Go 2,121
Maven 5,299
npm 3,783
NuGet 683
pip 3,465
Pub 12
RubyGems 893
Rust 892
Swift 38

Unreviewed advisories

All unreviewed 244,304

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

243 advisories

Filter by severity

Sort by

Least recently updated

e-Tax software Version3.0.10 and earlier improperly restricts XML external entity references (XXE... Moderate Unreviewed

CVE-2023-46802 was published Nov 6, 2023

An issue was discovered in VERMEG AgileReporter 21.3. XXE can occur via an XML document to the... Moderate Unreviewed

CVE-2022-34832 was published Oct 27, 2023

Dell Unity prior to 5.3 contains an XML External Entity injection vulnerability. An XXE attack... Moderate Unreviewed

CVE-2023-43067 was published Oct 23, 2023

CX-Designer Ver.3.740 and earlier (included in CX-One CXONE-AL[][]D-V4) contains an improper... Moderate Unreviewed

CVE-2023-43624 was published Oct 23, 2023

SAP Business One (B1i) - version 10.0, allows an authorized attacker to retrieve the details... Moderate Unreviewed

CVE-2023-41365 was published Oct 10, 2023

FD Application Apr. 2022 Edition (Version 9.01) and earlier improperly restricts XML external... Moderate Unreviewed

CVE-2023-42132 was published Oct 2, 2023

A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated,... Moderate Unreviewed

CVE-2020-26064 was published Aug 4, 2023

The Foundry Magritte plugin rest-source was found to be vulnerable to an an XML external Entity... Moderate Unreviewed

CVE-2023-30951 was published Aug 4, 2023

Applicant Programme Ver.7.06 and earlier improperly restricts XML external entity references (XXE... Moderate Unreviewed

CVE-2023-32639 was published Jul 25, 2023

XBRL data create application version 7.0 and earlier improperly restricts XML external entity... Moderate Unreviewed

CVE-2023-32635 was published Jul 19, 2023

A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could... Moderate Unreviewed

CVE-2023-37200 was published Jul 12, 2023

A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could... Moderate Unreviewed

CVE-2023-2161 was published Jul 6, 2023

Zoho ManageEngine ADManager Plus before 7183 allows admin users to exploit an XXE issue to view... Moderate Unreviewed

CVE-2023-35786 was published Jul 5, 2023

Improper restriction of XML external entity reference (XXE) vulnerability exists in FRENIC RHC... Moderate Unreviewed

CVE-2023-29498 was published Jun 13, 2023

On Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, an unauthenticated attacker can... Moderate Unreviewed

CVE-2023-32706 was published Jun 1, 2023

A vulnerability classified as problematic was found in Weaver e-cology up to 9.0. Affected by... Moderate Unreviewed

CVE-2023-2806 was published May 19, 2023

Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine ... Moderate Unreviewed

CVE-2023-20174 was published May 18, 2023

Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine ... Moderate Unreviewed

CVE-2023-20173 was published May 18, 2023

Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user... Moderate Unreviewed

CVE-2022-45876 was published Apr 27, 2023

Zoho ManageEngine ServiceDesk Plus through 14104 allows admin users to conduct an XXE attack. Moderate Unreviewed

CVE-2023-29443 was published Apr 26, 2023

An XXE issue was discovered in Nokia NetAct before 22 FP2211 via an XML document to the... Moderate Unreviewed

CVE-2023-26057 was published Apr 25, 2023

An XXE issue was discovered in Nokia NetAct before 22 FP2211 via an XML document to a Performance... Moderate Unreviewed

CVE-2023-26058 was published Apr 25, 2023

An issue found in Ego Studio SuperClean v.1.1.9 and v.1.1.5 allows an attacker to gain privileges... Moderate Unreviewed

CVE-2023-27652 was published Apr 20, 2023

All versions of Talend Data Catalog before 8.0-20220907 are potentially vulnerable to XML... Moderate Unreviewed

CVE-2023-26264 was published Apr 13, 2023

All versions of Talend Data Catalog before 8.0-20230110 are potentially vulnerable to XML... Moderate Unreviewed

CVE-2023-26263 was published Apr 13, 2023

Previous 1 2 3 4 5 … 9 10 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

243 advisories