GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,184

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

271 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Delta Electronics EIP Builder version 1.11 is vulnerable to a File Parsing XML External Entity... Moderate Unreviewed

CVE-2025-57704 was published Aug 26, 2025

Dell CloudLink, versions 8.0 through 8.1.1, contains an Improper Restriction of XML External... Moderate Unreviewed

CVE-2025-26484 was published Aug 14, 2025

A vulnerability has been identified in SIMOTION SCOUT TIA V5.4 (All versions), SIMOTION SCOUT TIA... Moderate Unreviewed

CVE-2025-40584 was published Aug 12, 2025

Dell SmartFabric OS10 Software, versions prior to 10.6.0.5, contains an Improper Restriction of... Moderate Unreviewed

CVE-2025-36608 was published Jul 30, 2025

SolarWinds Web Help Desk was reported to be affected by an XML External Entity Injection (XXE)... Moderate Unreviewed

CVE-2025-26400 was published Jul 29, 2025

An XML External Entity (XXE) injection vulnerability exists in ETQ Reliance on the CG (legacy)... Moderate Unreviewed

CVE-2025-34142 was published Jul 22, 2025

Dell AppSync, version(s) 4.6.0.0, contains an Improper Restriction of XML External Entity... Moderate Unreviewed

CVE-2025-36603 was published Jul 21, 2025

A vulnerability was found in Jinher OA 1.1. It has been rated as problematic. This issue affects... Moderate Unreviewed

CVE-2025-7824 was published Jul 19, 2025

agorum Software GmbH Agorum core open v11.9.2 & v11.10.1 was discovered to contain an XML... Moderate Unreviewed

CVE-2025-52162 was published Jul 18, 2025

CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could... Moderate Unreviewed

CVE-2025-6438 was published Jul 11, 2025

ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by an Improper Restriction... Moderate Unreviewed

CVE-2025-49544 was published Jul 8, 2025

ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by an Improper Restriction... Moderate Unreviewed

CVE-2025-49539 was published Jul 8, 2025

Akamai CloudTest before 60 2025.06.02 (12988) allows file inclusion via XML External Entity (XXE)... Moderate Unreviewed

CVE-2025-49493 was published Jun 30, 2025

Lantronix Device installer is vulnerable to XML external entity (XXE) attacks in configuration... Moderate Unreviewed

CVE-2025-4338 was published May 23, 2025

GFI MailEssentials prior to version 21.8 is vulnerable to an XML External Entity (XXE) issue. An... Moderate Unreviewed

CVE-2025-34490 was published Apr 28, 2025

An improper XML parsing vulnerability was reported in the FileZ client that could allow arbitrary... Moderate Unreviewed

CVE-2025-2070 was published Apr 25, 2025

Overview XML documents optionally contain a Document Type Definition (DTD), which, among... Moderate Unreviewed

CVE-2025-24910 was published Apr 17, 2025

Overview XML documents optionally contain a Document Type Definition (DTD), which, among... Moderate Unreviewed

CVE-2025-24911 was published Apr 17, 2025

An XXE issue in the Director NBR component in NAKIVO Backup & Replication 10.3.x through 11.0.1... Moderate Unreviewed

CVE-2025-32406 was published Apr 8, 2025

Improper Restriction of XML External Entity Reference vulnerability in supsystic Easy Google Maps... Moderate Unreviewed

CVE-2025-32138 was published Apr 4, 2025

In JetBrains GoLand before 2025.1 an XXE during debugging was possible Moderate Unreviewed

CVE-2025-29932 was published Mar 25, 2025

Improper Restriction of XML External Entity Reference vulnerability in Jalios JPlatform allows... Moderate Unreviewed

CVE-2025-25036 was published Mar 21, 2025

External XML entity injection allows arbitrary download of files. The score without least... Moderate Unreviewed

CVE-2025-24521 was published Mar 5, 2025

RSA Authentication Manager before 8.7 SP2 Patch 1 allows XML External Entity (XXE) attacks via a... Moderate Unreviewed

CVE-2024-25066 was published Feb 17, 2025

A vulnerability, which was classified as problematic, has been found in ywoa up to 2024.07.03.... Moderate Unreviewed

CVE-2025-1225 was published Feb 12, 2025

Previous1…11 Next

Previous 1 2 3 4 5 … 10 11 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

271 advisories