Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xxe vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv2
CVE-2022-28155
Jenkins Pipeline: Phoenix AutoTest Plugin 1.3 and previous versions does not configure its XML parser to prevent XML external entity (XXE) attacks.
Jenkins Pipeline\\ Phoenix Autotest
5.5
CVSSv2
CVE-2018-17152
Intersystems Cache 2017.2.2.865.0 allows XXE.
Intersystems Cache 2017.2.2.865.0
Intersystems Cache 2018.1.2
NA
CVE-2022-48565
An XML External Entity (XXE) issue exists in Python up to and including 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities.
Python Python
Debian Debian Linux 10.0
5.5
CVSSv2
CVE-2022-28154
Jenkins Coverage/Complexity Scatter Plot Plugin 1.1.1 and previous versions does not configure its XML parser to prevent XML external entity (XXE) attacks.
Jenkins Coverage\\/complexity Scatter Plot
4.3
CVSSv2
CVE-2020-24656
Maltego prior to 4.2.12 allows XXE attacks.
Maltego Maltego
1 Github repository
5
CVSSv2
CVE-2021-29421
models/metadata.py in the pikepdf package 1.3.0 up to and including 2.9.2 for Python allows XXE when parsing XMP metadata entries.
Pikepdf Project Pikepdf
Fedoraproject Fedora 32
Fedoraproject Fedora 33
4
CVSSv2
CVE-2020-35123
In Zimbra Collaboration Suite Network Edition versions < 9.0.0 P10 and 8.8.15 P17, there exists an XXE vulnerability in the saml consumer store extension, which is vulnerable to XXE attacks. This has been fixed in Zimbra Collaboration Suite Network edition 9.0.0 Patch 10 and 8...
Zimbra Collaboration
Zimbra Collaboration 8.8.15
Zimbra Collaboration 9.0.0
7.5
CVSSv2
CVE-2013-4334
opWebAPIPlugin 0.5.1, 0.4.0, and 0.1.0: XXE Vulnerabilities
Tejimaya Opwebapiplugin 0.1.0
Tejimaya Opwebapiplugin 0.4.0
Tejimaya Opwebapiplugin 0.5.1
7.5
CVSSv2
CVE-2019-20627
AutoUpdater.cs in AutoUpdater.NET prior to 1.5.8 allows XXE.
Rbsoft Autoupdater.net
7.5
CVSSv2
CVE-2018-20059
jaxb/JaxbEngine.java in Pippo 1.11.0 allows XXE.
Pippo Pippo 1.11.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »