Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
41
Go
3,005
Maven
5,000+
npm
4,733
NuGet
788
pip
4,343
Pub
12
RubyGems
987
Rust
1,137
Swift
50
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

350 advisories

Loading
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 through 11.5.9 and 12.1... High Unreviewed
CVE-2025-36247 was published Feb 17, 2026
CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could... High Unreviewed
CVE-2026-1227 was published Feb 11, 2026
This High severity XXE (XML External Entity Injection) vulnerability was introduced in version 7... High Unreviewed
CVE-2026-21569 was published Jan 28, 2026
The Demo Importer Plus plugin for WordPress is vulnerable to XML External Entity Injection (XXE)... High Unreviewed
CVE-2025-14478 was published Jan 17, 2026
Geonetwork 3.10 through 4.2.0 contains an XML external entity vulnerability in PDF rendering that... High Unreviewed
CVE-2022-50899 was published Jan 14, 2026
Dell Unisphere for PowerMax, version(s) 9.2.4.x, contain(s) an Improper Restriction of XML... High Unreviewed
CVE-2025-36589 was published Jan 6, 2026
KYOCERA Net Admin 3.4.0906 contains an XML External Entity (XXE) injection vulnerability in the... High Unreviewed
CVE-2019-25253 was published Dec 24, 2025
NovaRad NovaPACS Diagnostics Viewer 8.5.19.75 contains an unauthenticated XML External Entity ... High Unreviewed
CVE-2018-25142 was published Dec 24, 2025
N-central versions < 2025.4 are vulnerable to an XML External Entities injection leading to... High Unreviewed
CVE-2025-11700 was published Nov 12, 2025
ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Restriction... High Unreviewed
CVE-2025-61813 was published Dec 10, 2025
PDFPatcher thru 1.1.3.4663 executable's XML bookmark import functionality does not restrict XML... High Unreviewed
CVE-2025-63917 was published Nov 17, 2025
A Server-Side Request Forgery (SSRF) vulnerability, achievable through an XML External Entity ... High Unreviewed
CVE-2025-63551 was published Nov 6, 2025
When the Kiuwan Local Analyzer uploads the scan results to the Kiuwan SAST web application ... High Unreviewed
CVE-2023-49110 was published Jun 20, 2024
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0... High Unreviewed
CVE-2023-32327 was published Feb 3, 2024
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to an XML external... High Unreviewed
CVE-2025-12531 was published Nov 3, 2025
Proself Enterprise/Standard Edition Ver5.62 and earlier, Proself Gateway Edition Ver1.65 and... High Unreviewed
CVE-2023-45727 was published Oct 18, 2023
Citrix StoreFront Server before 1903, 7.15 LTSR before CU4 (3.12.4000), and 7.6 LTSR before CU8 ... High Unreviewed
CVE-2019-13608 was published May 24, 2022
Improper restriction of XML external entity reference issue exists in DataSpider Servista 4.4 and... High Unreviewed
CVE-2025-48006 was published Sep 29, 2025
Sangfor Behavior Management System (also referred to as DC Management System in Chinese-language... High Unreviewed
CVE-2023-7307 was published Aug 28, 2025
Improper Restriction of XML External Entity Reference in various Lexmark printer drivers for... High Unreviewed
CVE-2025-4044 was published Aug 19, 2025
In Xerox FreeFlow Core version 8.0.4, improper handling of XML input allows injection of external... High Unreviewed
CVE-2025-8355 was published Aug 8, 2025
Adobe Experience Manager versions 6.5.23 and earlier are affected by an Improper Restriction of... High Unreviewed
CVE-2025-54254 was published Aug 5, 2025
Improper Restriction of XML External Entity Reference vulnerability in Samsung Electronics... High Unreviewed
CVE-2025-54445 was published Jul 23, 2025
Lantronix Provisioning Manager is vulnerable to XML external entity attacks in configuration... High Unreviewed
CVE-2025-7766 was published Jul 23, 2025
IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 is vulnerable to an XML external entity... High Unreviewed
CVE-2025-33121 was published Jun 19, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database