Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,030
Maven
5,000+
npm
3,732
NuGet
662
pip
3,409
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+

320 advisories

Loading
Zoho ManageEngine ADManager Plus before 7183 allows admin users to exploit an XXE issue to view... Moderate Unreviewed
CVE-2023-35786 was published Jul 5, 2023
Improper restriction of XML external entity reference (XXE) vulnerability exists in FRENIC RHC... Moderate Unreviewed
CVE-2023-29498 was published Jun 13, 2023
On Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, an unauthenticated attacker can... Moderate Unreviewed
CVE-2023-32706 was published Jun 1, 2023
A vulnerability classified as problematic was found in Weaver e-cology up to 9.0. Affected by... Moderate Unreviewed
CVE-2023-2806 was published May 19, 2023
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine ... Moderate Unreviewed
CVE-2023-20173 was published May 18, 2023
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine ... Moderate Unreviewed
CVE-2023-20174 was published May 18, 2023
Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user... Moderate Unreviewed
CVE-2022-45876 was published Apr 27, 2023
Zoho ManageEngine ServiceDesk Plus through 14104 allows admin users to conduct an XXE attack. Moderate Unreviewed
CVE-2023-29443 was published Apr 26, 2023
An XXE issue was discovered in Nokia NetAct before 22 FP2211 via an XML document to the... Moderate Unreviewed
CVE-2023-26057 was published Apr 25, 2023
An XXE issue was discovered in Nokia NetAct before 22 FP2211 via an XML document to a Performance... Moderate Unreviewed
CVE-2023-26058 was published Apr 25, 2023
All versions of Talend Data Catalog before 8.0-20230110 are potentially vulnerable to XML... Moderate Unreviewed
CVE-2023-26263 was published Apr 13, 2023
All versions of Talend Data Catalog before 8.0-20220907 are potentially vulnerable to XML... Moderate Unreviewed
CVE-2023-26264 was published Apr 13, 2023
A vulnerability has been identified in Polarion ALM (All versions < V2304.0). The application... Moderate Unreviewed
CVE-2023-28828 was published Apr 11, 2023
National land numerical information data conversion tool all versions improperly restricts XML... Moderate Unreviewed
CVE-2023-25955 was published Apr 11, 2023
Zoho ManageEngine Applications Manager through 16320 allows the admin user to conduct an XXE attack. Moderate Unreviewed
CVE-2023-28340 was published Apr 11, 2023
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)... Moderate Unreviewed
CVE-2023-20030 was published Apr 5, 2023
Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including... Moderate Unreviewed
CVE-2022-43941 was published Apr 3, 2023
A blind XML External Entity (XXE) vulnerability exists in the Add UCS Device functionality of... Moderate Unreviewed
CVE-2022-43473 was published Mar 30, 2023
Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user... Moderate Unreviewed
CVE-2022-46300 was published Mar 22, 2023
Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user... Moderate Unreviewed
CVE-2022-45121 was published Mar 22, 2023
Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user... Moderate Unreviewed
CVE-2022-45468 was published Mar 22, 2023
Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user... Moderate Unreviewed
CVE-2022-46286 was published Mar 22, 2023
Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user... Moderate Unreviewed
CVE-2022-43512 was published Mar 22, 2023
Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user... Moderate Unreviewed
CVE-2022-41696 was published Mar 22, 2023
SAP NetWeaver allows (SAP Enterprise Portal) - version 7.50, allows an authenticated attacker... Moderate Unreviewed
CVE-2023-26461 was published Mar 14, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database