Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,633
Erlang
34
GitHub Actions
25
Go
2,239
Maven
5,000+
npm
3,900
NuGet
701
pip
3,667
Pub
12
RubyGems
914
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

323 advisories

Loading
IBM Cognos Analytics 11.0 and 11.1 is vulnerable to an XML External Entity Injection (XXE) attack... High Unreviewed
CVE-2020-4300 was published May 24, 2022
IBM WebSphere Application Server 8.0, 8.5, 9.0, and Liberty Java Batch is vulnerable to an XML... High Unreviewed
CVE-2021-20492 was published May 24, 2022
Elastic App Search versions after 7.11.0 and before 7.12.0 contain an XML External Entity... High Unreviewed
CVE-2021-22140 was published May 24, 2022
In IntelliJ IDEA before 2020.3.3, XXE was possible, leading to information disclosure. High Unreviewed
CVE-2021-30006 was published May 24, 2022
A vulnerability in the web-based management interface of Cisco BroadWorks Messaging Server... High Unreviewed
CVE-2021-1530 was published May 24, 2022
IBM QRadar SIEM 7.3 and 7.4 may vulnerable to a XML External Entity Injection (XXE) attack when... High Unreviewed
CVE-2020-5013 was published May 24, 2022
A remote XML external entity (XXE) vulnerability was discovered in Aruba ClearPass Policy Manager... High Unreviewed
CVE-2021-29140 was published May 24, 2022
An XML External Entities (XXE) vulnerability in Media Server component of Avaya Equinox... High Unreviewed
CVE-2020-7037 was published May 24, 2022
A remote XML external entity vulnerability was discovered in Aruba AirWave Management Platform... High Unreviewed
CVE-2021-25163 was published May 24, 2022
A remote XML external entity vulnerability was discovered in Aruba AirWave Management Platform... High Unreviewed
CVE-2021-25165 was published May 24, 2022
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a XML External Entity... High Unreviewed
CVE-2021-20454 was published May 24, 2022
IBM WebSphere Application Server 8.0, 8.5, and 9.0 is vulnerable to a XML External Entity... High Unreviewed
CVE-2021-20453 was published May 24, 2022
Forcepoint Web Security Content Gateway versions prior to 8.5.4 improperly process XML input,... High Unreviewed
CVE-2020-6590 was published May 24, 2022
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) is vulnerable to XML... High Unreviewed
CVE-2021-22158 was published May 24, 2022
IBM Cloud Pak for Automation 20.0.2 and 20.0.3 IF002 are vulnerable to an XML External Entity... High Unreviewed
CVE-2021-20482 was published May 24, 2022
IBM Jazz Foundation Products are vulnerable to an XML External Entity Injection (XXE) attack when... High Unreviewed
CVE-2021-20502 was published May 24, 2022
/exec in TranzWare e-Commerce Payment Gateway (TWEC PG) before 3.1.27.5 had a vulnerability in... High Unreviewed
CVE-2021-28110 was published May 24, 2022
SRS Policy Manager 6.X is affected by an XML External Entity Injection (XXE) vulnerability due to... High Unreviewed
CVE-2021-21517 was published May 24, 2022
Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to XML External... High Unreviewed
CVE-2019-18943 was published May 24, 2022
Pelco Digital Sentry Server 7.18.72.11464 has an XML External Entity vulnerability (exploitable... High Unreviewed
CVE-2021-27184 was published May 24, 2022
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity... High Unreviewed
CVE-2021-20353 was published May 24, 2022
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity... High Unreviewed
CVE-2020-4949 was published May 24, 2022
This vulnerability allows remote attackers to disclose sensitive information on affected... High Unreviewed
CVE-2020-27858 was published May 24, 2022
XML External Entity Injection vulnerability in Micro Focus Application Lifecycle Management ... High Unreviewed
CVE-2021-22498 was published May 24, 2022
The TIBCO EBX Add-on for Oracle Hyperion EPM, TIBCO EBX Data Exchange Add-on, and TIBCO EBX... High Unreviewed
CVE-2020-27148 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database