Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xxe vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv2
CVE-2022-28155
Jenkins Pipeline: Phoenix AutoTest Plugin 1.3 and previous versions does not configure its XML parser to prevent XML external entity (XXE) attacks.
Jenkins Pipeline\\ Phoenix Autotest
5.5
CVSSv2
CVE-2018-17152
Intersystems Cache 2017.2.2.865.0 allows XXE.
Intersystems Cache 2017.2.2.865.0
Intersystems Cache 2018.1.2
NA
CVE-2022-48565
An XML External Entity (XXE) issue exists in Python up to and including 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities.
Python Python
Debian Debian Linux 10.0
5.5
CVSSv2
CVE-2022-28154
Jenkins Coverage/Complexity Scatter Plot Plugin 1.1.1 and previous versions does not configure its XML parser to prevent XML external entity (XXE) attacks.
Jenkins Coverage\\/complexity Scatter Plot
4.3
CVSSv2
CVE-2020-24656
Maltego prior to 4.2.12 allows XXE attacks.
Maltego Maltego
1 Github repository
5
CVSSv2
CVE-2021-29421
models/metadata.py in the pikepdf package 1.3.0 up to and including 2.9.2 for Python allows XXE when parsing XMP metadata entries.
Pikepdf Project Pikepdf
Fedoraproject Fedora 32
Fedoraproject Fedora 33
4
CVSSv2
CVE-2020-35123
In Zimbra Collaboration Suite Network Edition versions < 9.0.0 P10 and 8.8.15 P17, there exists an XXE vulnerability in the saml consumer store extension, which is vulnerable to XXE attacks. This has been fixed in Zimbra Collaboration Suite Network edition 9.0.0 Patch 10 and 8...
Zimbra Collaboration
Zimbra Collaboration 8.8.15
Zimbra Collaboration 9.0.0
7.5
CVSSv2
CVE-2013-4334
opWebAPIPlugin 0.5.1, 0.4.0, and 0.1.0: XXE Vulnerabilities
Tejimaya Opwebapiplugin 0.1.0
Tejimaya Opwebapiplugin 0.4.0
Tejimaya Opwebapiplugin 0.5.1
7.5
CVSSv2
CVE-2018-20059
jaxb/JaxbEngine.java in Pippo 1.11.0 allows XXE.
Pippo Pippo 1.11.0
7.5
CVSSv2
CVE-2019-20627
AutoUpdater.cs in AutoUpdater.NET prior to 1.5.8 allows XXE.
Rbsoft Autoupdater.net
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »