Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xml external entity vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2019-10266
An issue exists in Ahsay Cloud Backup Suite prior to 8.1.1.50. When sending an out-of-bounds XML document to a URL, it is possible to read the file structure and even the content of files without authentication.
Ahsay Cloud Backup Suite
1 EDB exploit
4.9
CVSSv3
CVE-2021-2303
Vulnerability in the OSS Support Tools product of Oracle Support Tools (component: Diagnostic Assistant). The supported version that is affected is before 2.12.41. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise OSS Supp...
7.5
CVSSv3
CVE-2019-13608
Citrix StoreFront Server prior to 1903, 7.15 LTSR before CU4 (3.12.4000), and 7.6 LTSR before CU8 (3.0.8000) allows XXE attacks.
Citrix Storefront Server
NA
CVE-2023-51591
Voltronic Power ViewPower Pro doDocument XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote malicious users to disclose sensitive information on affected installations of Voltronic Power ViewPower Pro. Authentication is not requi...
NA
CVE-2023-51600
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote malicious users to disclose sensitive information on affected installations of Honeywell Saia PG5 Controls Suite. User interaction is required t...
NA
CVE-2023-51601
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote malicious users to disclose sensitive information on affected installations of Honeywell Saia PG5 Controls Suite. User interaction is required t...
NA
CVE-2023-51602
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote malicious users to disclose sensitive information on affected installations of Honeywell Saia PG5 Controls Suite. User interaction is required t...
NA
CVE-2023-51604
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote malicious users to disclose sensitive information on affected installations of Honeywell Saia PG5 Controls Suite. User interaction is required t...
NA
CVE-2023-51605
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote malicious users to disclose sensitive information on affected installations of Honeywell Saia PG5 Controls Suite. User interaction is required t...
NA
CVE-2023-44412
D-Link D-View addDv7Probe XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote malicious users to disclose sensitive information on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerabili...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »