Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xxe vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2022-28140
Jenkins Flaky Test Handler Plugin 1.2.1 and previous versions does not configure its XML parser to prevent XML external entity (XXE) attacks.
Jenkins Flaky Test Handler
8.1
CVSSv3
CVE-2022-28155
Jenkins Pipeline: Phoenix AutoTest Plugin 1.3 and previous versions does not configure its XML parser to prevent XML external entity (XXE) attacks.
Jenkins Pipeline\\ Phoenix Autotest
6.5
CVSSv3
CVE-2020-24656
Maltego prior to 4.2.12 allows XXE attacks.
Maltego Maltego
1 Github repository
8.1
CVSSv3
CVE-2022-28154
Jenkins Coverage/Complexity Scatter Plot Plugin 1.1.1 and previous versions does not configure its XML parser to prevent XML external entity (XXE) attacks.
Jenkins Coverage\\/complexity Scatter Plot
9.8
CVSSv3
CVE-2022-48565
An XML External Entity (XXE) issue exists in Python up to and including 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities.
Python Python
Debian Debian Linux 10.0
7.5
CVSSv3
CVE-2021-29421
models/metadata.py in the pikepdf package 1.3.0 up to and including 2.9.2 for Python allows XXE when parsing XMP metadata entries.
Pikepdf Project Pikepdf
Fedoraproject Fedora 32
Fedoraproject Fedora 33
9.8
CVSSv3
CVE-2019-20627
AutoUpdater.cs in AutoUpdater.NET prior to 1.5.8 allows XXE.
Rbsoft Autoupdater.net
9.8
CVSSv3
CVE-2013-4334
opWebAPIPlugin 0.5.1, 0.4.0, and 0.1.0: XXE Vulnerabilities
Tejimaya Opwebapiplugin 0.1.0
Tejimaya Opwebapiplugin 0.4.0
Tejimaya Opwebapiplugin 0.5.1
9.8
CVSSv3
CVE-2018-20059
jaxb/JaxbEngine.java in Pippo 1.11.0 allows XXE.
Pippo Pippo 1.11.0
6.5
CVSSv3
CVE-2020-35123
In Zimbra Collaboration Suite Network Edition versions < 9.0.0 P10 and 8.8.15 P17, there exists an XXE vulnerability in the saml consumer store extension, which is vulnerable to XXE attacks. This has been fixed in Zimbra Collaboration Suite Network edition 9.0.0 Patch 10 and 8...
Zimbra Collaboration
Zimbra Collaboration 8.8.15
Zimbra Collaboration 9.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »