Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xml external entity vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-4357
An information disclosure vulnerability exists in Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, allows low-privilege malicious user to read systems file via XML External Entity Processing.
NA
CVE-2014-0644
EMC Cloud Tiering Appliance (CTA) 10 through SP1 allows remote malicious users to read arbitrary files via an api/login request containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, as demonstrated by...
Emc Cloud Tiering Appliance Software 10.0
Emc Cloud Tiering Appliance -
1 EDB exploit
8.1
CVSSv3
CVE-2018-11048
Dell EMC Data Protection Advisor, versions 6.2, 6,3, 6.4, 6.5 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 contain a XML External Entity (XXE) Injection vulnerability in the REST API. An authenticated remote malicious user could potentially exploit t...
Dell Emc Data Protection Advisor 6.2
Dell Emc Data Protection Advisor 6.3
Dell Emc Data Protection Advisor 6.4
Dell Emc Data Protection Advisor 6.5
Dell Emc Integrated Data Protection Appliance 2.0
Dell Emc Integrated Data Protection Appliance 2.1
8.8
CVSSv3
CVE-2022-21949
A Improper Restriction of XML External Entity Reference vulnerability in SUSE Open Build Service allows remote malicious users to reference external entities in certain operations. This can be used to gain information from the server that can be abused to escalate to Admin privil...
Opensuse Open Build Service
NA
CVE-2023-39472
Inductive Automation Ignition SimpleXMLReader XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote malicious users to disclose sensitive information on affected installations of Inductive Automation Ignition. Authentication is requ...
NA
CVE-2013-4295
The gadget renderer in Apache Shindig 2.5.0 for PHP allows remote malicious users to obtain sensitive information via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
Apache Shindig 2.5.0
1 EDB exploit
NA
CVE-2023-40503
LG Simple Editor saveXmlFile XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote malicious users to disclose sensitive information on affected installations of LG Simple Editor. Authentication is not required to exploit this vulne...
NA
CVE-2023-40506
LG Simple Editor copyContent XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote malicious users to disclose sensitive information on affected installations of LG Simple Editor. Authentication is not required to exploit this vulne...
NA
CVE-2023-40507
LG Simple Editor copyContent XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote malicious users to disclose sensitive information on affected installations of LG Simple Editor. Authentication is not required to exploit this vulne...
6.5
CVSSv3
CVE-2020-26981
A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). When opening a specially crafted xml file, the application could disclose arbitrary files to remote attackers. This is because of the passing of special...
Siemens Jt2go
Siemens Teamcenter Visualization
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »