GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,041
Maven
5,000+
npm
3,733
NuGet
662
pip
3,414
Pub
12
RubyGems
891
Rust
866
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
15 advisories
Filter by severity
ALIN MDaemon Security Gateway through 8.5.0 allows XML Injection.
Moderate
Unreviewed
CVE-2022-25356
was published
Apr 6, 2022
IBM BigFix Remote Control before 9.1.3 allows remote attackers to conduct XML injection attacks...
Moderate
Unreviewed
CVE-2016-2932
was published
May 17, 2022
Due to missing input validation, SAP Financial Consolidation, before versions 10.0 and 10.1,...
Moderate
Unreviewed
CVE-2019-0370
was published
May 24, 2022
An issue was discovered in ezXML 0.8.3 through 0.8.6. The ezxml_parse_* functions mishandle XML...
Moderate
Unreviewed
CVE-2019-20201
was published
May 24, 2022
A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 13.3.1...
Moderate
Unreviewed
CVE-2020-3846
was published
May 24, 2022
An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_parse_str() performs...
Moderate
Unreviewed
CVE-2021-31347
was published
May 24, 2022
An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_parse_str() performs...
Moderate
Unreviewed
CVE-2021-31348
was published
May 24, 2022
Injection attack caused the denial of service vulnerability in NetIQ Access Manager prior to 5.0...
Moderate
Unreviewed
CVE-2021-22524
was published
May 24, 2022
An issue was discovered in Open Ticket Request System (OTRS) 5.x through 5.0.34, 6.x through 6.0...
Moderate
Unreviewed
CVE-2019-9892
was published
May 24, 2022
An XPath Injection vulnerability due to Improper Input Validation in the J-Web component of...
Moderate
Unreviewed
CVE-2022-22243
was published
Oct 18, 2022
An XPath Injection vulnerability in the J-Web component of Juniper Networks Junos OS allows an...
Moderate
Unreviewed
CVE-2022-22244
was published
Oct 18, 2022
Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier)...
Moderate
Unreviewed
CVE-2023-29289
was published
Jun 15, 2023
Unified Automation UaGateway AddServer XML Injection Denial-of-Service Vulnerability. This...
Moderate
Unreviewed
CVE-2023-32173
was published
May 3, 2024
An issue was discovered in Logpoint before 7.4.0. A path injection vulnerability is seen while...
Moderate
Unreviewed
CVE-2024-33858
was published
May 7, 2024
XPath Injection vulnerabilities in the blog and RSS functions of Modern Campus - Omni CMS 2023.1...
Moderate
Unreviewed
CVE-2023-35858
was published
Jun 13, 2024
ProTip!
Advisories are also available from the
GraphQL API