GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
38 advisories
Filter by severity
Qt through 5.14 allows an exponential XML entity expansion attack via a crafted SVG document that...
High
Unreviewed
CVE-2015-9541
was published
May 24, 2022
InstallBuilder AutoUpdate tool and regular installers enabling <checkForUpdates> built with...
High
Unreviewed
CVE-2020-3946
was published
May 24, 2022
Kubernetes apimachinery packages vulnerable to unbounded recursion in JSON or YAML parsing
High
GHSA-74fp-r6jw-h4mp
was published
for
k8s.io/apimachinery
(Go)
Feb 8, 2023
Symfony XML Entity Expansion security vulnerability
High
GHSA-q2gc-gg3x-7942
was published
for
symfony/symfony
(Composer)
May 30, 2024
symfony/translation XML Entity Expansion vulnerability
High
GHSA-f75p-x5vm-83qp
was published
for
symfony/translation
(Composer)
May 30, 2024
symfony/validator XML Entity Expansion vulnerability
High
GHSA-4vf2-qfg3-7598
was published
for
symfony/validator
(Composer)
May 30, 2024
Zendframework Denial of Service vector via XEE injection
High
GHSA-2jx7-xg83-j2m7
was published
for
zendframework/zendframework1
(Composer)
Jun 7, 2024
Hitachi Vantara Pentaho Business Analytics Server versions before 10.1.0.0 and 9.3.0.7, including...
High
Unreviewed
CVE-2024-28982
was published
Jun 27, 2024
ebookmeta XML External Entity vulnerability
High
CVE-2024-36827
was published
for
ebookmeta
(pip)
Jun 7, 2024
ebookmeta XML External Entity vulnerability
High
CVE-2024-37388
was published
for
ebookmeta
(pip)
Jun 7, 2024
REXML denial of service vulnerability
High
CVE-2024-43398
was published
for
rexml
(RubyGems)
Aug 22, 2024
untangle vulnerable to XML Entity Expansion
High
CVE-2022-33977
was published
for
untangle
(pip)
Aug 6, 2022
XML2Dict XML Entity Expansion Vulnerability
High
CVE-2021-25951
was published
for
XML2Dict
(pip)
Jul 2, 2021
ProTip!
Advisories are also available from the
GraphQL API