GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
349 advisories
IBM Jazz Foundation (IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through...
High | Unreviewed | CVE-2018-1588 was published May 13, 2022

IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6 is vulnerable...
High | Unreviewed | CVE-2018-1607 was published May 13, 2022

IBM DataPower Gateway 7.1.0.0 - 7.1.0.23, 7.2.0.0 - 7.2.0.21, 7.5.0.0 - 7.5.0.16, 7.5.1.0 - 7.5.1...
High | Unreviewed | CVE-2018-1669 was published May 13, 2022

IBM Platform Symphony 7.1 Fix Pack 1 and 7.1.1 and IBM Spectrum Symphony 7.1.2 and 7.2.0.2 are...
High | Unreviewed | CVE-2018-1702 was published May 13, 2022

IBM QRadar SIEM 7.2 and 7.3 is vulnerable to a XML External Entity Injection (XXE) attack when...
High | Unreviewed | CVE-2018-1730 was published May 13, 2022

IBM Security Key Lifecycle Manager 2.5, 2.6, 2.7, and 3.0 is vulnerable to a XML External Entity...
High | Unreviewed | CVE-2018-1747 was published May 13, 2022

IBM Daeja ViewONE Professional, Standard & Virtual 5 is vulnerable to a XML External Entity...
High | Unreviewed | CVE-2018-1835 was published May 13, 2022

IBM Rational Engineering Lifecycle Manager 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable...
High | Unreviewed | CVE-2018-1846 was published May 13, 2022

IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to a XML External Entity Injection (XXE...
High | Unreviewed | CVE-2018-1844 was published May 13, 2022

IBM WebSphere Application Server 9.0.0.0 through 9.0.0.9 is vulnerable to a XML External Entity...
High | Unreviewed | CVE-2018-1905 was published May 13, 2022

IBM Marketing Platform 9.1.0, 9.1.2 and 10.1 is vulnerable to a XML External Entity Injection ...
High | Unreviewed | CVE-2018-1920 was published May 13, 2022

IBM Security Identity Manager 7.0.1 is vulnerable to a XML External Entity Injection (XXE) attack...
High | Unreviewed | CVE-2018-1970 was published May 13, 2022

SAP Business Process Automation (BPA) By Redwood does not sufficiently validate an XML document...
High | Unreviewed | CVE-2018-2401 was published May 13, 2022

IBM Security Identity Manager 6.0.0 Virtual Appliance is vulnerable to a XML External Entity...
High | Unreviewed | CVE-2018-2019 was published May 13, 2022

In Eclipse Kura versions up to 4.0.0, the Web UI package and component services, the Artemis...
High | Unreviewed | CVE-2019-10244 was published May 13, 2022

IBM Sterling B2B Integrator Standard Edition 5.2.0 and 6.0.0.0 is vulnerable to an XML External...
High | Unreviewed | CVE-2019-4043 was published May 13, 2022

The Office Open XML (OOXML) feature in Adobe ColdFusion 10 before Update 21 and 11 before Update...
High | Unreviewed | CVE-2016-4264 was published May 13, 2022

Adobe ColdFusion has an XML external entity (XXE) injection vulnerability. This affects Update 4...
High | Unreviewed | CVE-2017-11286 was published May 13, 2022

Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have...
High | Unreviewed | CVE-2018-4942 was published May 13, 2022

IBM Security Access Manager Appliance 9.0.3 is vulnerable to a XML External Entity Injection (XXE...
High | Unreviewed | CVE-2017-1477 was published May 13, 2022

Dell EMC Data Protection Advisor, versions 6.2, 6,3, 6.4, 6.5 and Dell EMC Integrated Data...
High | Unreviewed | CVE-2018-11048 was published May 13, 2022

ModSecurity before 2.7.3 allows remote attackers to read arbitrary files, send HTTP requests to...
High | Unreviewed | CVE-2013-1915 was published May 13, 2022

An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15...
High | Unreviewed | CVE-2018-13823 was published May 13, 2022

SAML 2.0 functionality in SAP NetWeaver AS Java, does not sufficiently validate XML documents...
High | Unreviewed | CVE-2018-2492 was published May 13, 2022

The Visual Composer VC70RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote...
High | Unreviewed | CVE-2017-8913 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API.