Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
41
Go
3,003
Maven
5,000+
npm
4,732
NuGet
788
pip
4,341
Pub
12
RubyGems
987
Rust
1,137
Swift
50
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

287 advisories

Loading
MSN Password Recovery 1.30 contains an XML external entity injection vulnerability that allows... Moderate Unreviewed
CVE-2020-37192 was published Feb 11, 2026
A vulnerability was identified in O2OA up to 9.0.0. This impacts an unknown function of the file ... Moderate Unreviewed
CVE-2026-2074 was published Feb 7, 2026
A vulnerability in the licensing features of Cisco Identity Services Engine (ISE) and Cisco... Moderate Unreviewed
CVE-2026-20029 was published Jan 7, 2026
OpenXRechnungToolbox through 2024-10-05-3.0.0 before 6c50e89 allows XXE because the disallow... Moderate Unreviewed
CVE-2024-58335 was published Dec 24, 2025
ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Restriction... Moderate Unreviewed
CVE-2025-61823 was published Dec 10, 2025
ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Restriction... Moderate Unreviewed
CVE-2025-61821 was published Dec 10, 2025
Kivitendo before 3.9.2 allows XXE injection. By uploading an electronic invoice in the ZUGFeRD... Moderate Unreviewed
CVE-2025-66370 was published Nov 28, 2025
Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper... Moderate Unreviewed
CVE-2025-46425 was published Oct 24, 2025
A security flaw has been discovered in Jinher OA up to 2.0. This affects an unknown function of... Moderate Unreviewed
CVE-2025-11341 was published Oct 6, 2025
In Splunk Enterprise versions below 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versions... Moderate Unreviewed
CVE-2025-20369 was published Oct 1, 2025
A vulnerability was identified in Bjskzy Zhiyou ERP up to 11.0. Affected by this vulnerability is... Moderate Unreviewed
CVE-2025-11140 was published Sep 29, 2025
A vulnerability was determined in Jinher OA 2.0. The impacted element is an unknown function of... Moderate Unreviewed
CVE-2025-11035 was published Sep 26, 2025
A security flaw has been discovered in Jinher OA 2.0. This affects an unknown part of the file ... Moderate Unreviewed
CVE-2025-10816 was published Sep 23, 2025
A vulnerability was found in Jinher OA up to 1.2. This impacts an unknown function of the file ... Moderate Unreviewed
CVE-2025-10092 was published Sep 8, 2025
A vulnerability has been found in Jinher OA up to 1.2. This affects an unknown function of the... Moderate Unreviewed
CVE-2025-10091 was published Sep 8, 2025
Delta Electronics EIP Builder version 1.11 is vulnerable to a File Parsing XML External Entity... Moderate Unreviewed
CVE-2025-57704 was published Aug 26, 2025
Dell CloudLink, versions 8.0 through 8.1.1, contains an Improper Restriction of XML External... Moderate Unreviewed
CVE-2025-26484 was published Aug 14, 2025
A vulnerability has been identified in SIMOTION SCOUT TIA V5.4 (All versions), SIMOTION SCOUT TIA... Moderate Unreviewed
CVE-2025-40584 was published Aug 12, 2025
Dell SmartFabric OS10 Software, versions prior to 10.6.0.5, contains an Improper Restriction of... Moderate Unreviewed
CVE-2025-36608 was published Jul 30, 2025
SolarWinds Web Help Desk was reported to be affected by an XML External Entity Injection (XXE)... Moderate Unreviewed
CVE-2025-26400 was published Jul 29, 2025
An XML External Entity (XXE) injection vulnerability exists in ETQ Reliance on the CG (legacy)... Moderate Unreviewed
CVE-2025-34142 was published Jul 22, 2025
Dell AppSync, version(s) 4.6.0.0, contains an Improper Restriction of XML External Entity... Moderate Unreviewed
CVE-2025-36603 was published Jul 21, 2025
A vulnerability was found in Jinher OA 1.1. It has been rated as problematic. This issue affects... Moderate Unreviewed
CVE-2025-7824 was published Jul 19, 2025
agorum Software GmbH Agorum core open v11.9.2 & v11.10.1 was discovered to contain an XML... Moderate Unreviewed
CVE-2025-52162 was published Jul 18, 2025
CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could... Moderate Unreviewed
CVE-2025-6438 was published Jul 11, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database