Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

14 advisories

Loading
Kimai has an XXE Leading to Local File Read Moderate
GHSA-534c-hcr7-67jg was published for kimai/kimai (Composer) Sep 17, 2024
ixSly
SilverStripe XXE Vulnerability in CSSContentParser Moderate
CVE-2020-25817 was published for silverstripe/framework (Composer) May 24, 2022
Information disclosure through processing of external XML entities Moderate
CVE-2019-8126 was published for magento/community-edition (Composer) Nov 12, 2019
phpMyAdmin vulnerable to XML external entity (XXE) injection attack Moderate
CVE-2011-4107 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
ZendXml and Zend Framework contain XXE and XEE Vulnerabilities Moderate
CVE-2015-5161 was published for zendframework/zendframework (Composer) May 17, 2022
Moodle Arbitrary File Read via XML External Entity vulnerability Moderate
CVE-2014-3543 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Zend Framework XXE Vulnerability Moderate
CVE-2012-5657 was published for zendframework/zendframework1 (Composer) May 17, 2022
XML External Entity (XXE) vulnerability in the XML data handler Moderate
CVE-2023-38490 was published for getkirby/cms (Composer) Jul 28, 2023
noraj dapatrese
Several Zend Products Vulnerable to XXE and XEE attacks Moderate
CVE-2014-2681 was published for zendframework/zendframework1 (Composer) May 14, 2022
Several Zend Products Vulnerable to XXE and XEE attacks Moderate
CVE-2014-2682 was published for zendframework/zendframework1 (Composer) May 14, 2022
Several Zend Products Vulnerable to XXE and XEE attacks Moderate
CVE-2014-2683 was published for zendframework/zendframework1 (Composer) May 14, 2022
PHPExcel vulnerable to XXE attacks through libxml Moderate
CVE-2014-2054 was published for phpoffice/phpexcel (Composer) May 17, 2022
Concrete CMS vulnerable to XML External Entity Moderate
CVE-2022-43689 was published for concrete5/concrete5 (Composer) Nov 15, 2022
Authenticated XML External Entity Processing Moderate
GHSA-8xv9-qcr9-ww9j was published for shopware/core (Composer) Oct 19, 2020
dahua966
ProTip! Advisories are also available from the GraphQL API