Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xxe vulnerabilities and exploits
(subscribe to this query)
490
VMScore
CVE-2022-28140
Jenkins Flaky Test Handler Plugin 1.2.1 and previous versions does not configure its XML parser to prevent XML external entity (XXE) attacks.
Jenkins Flaky Test Handler
490
VMScore
CVE-2018-17152
Intersystems Cache 2017.2.2.865.0 allows XXE.
Intersystems Cache 2017.2.2.865.0
Intersystems Cache 2018.1.2
NA
CVE-2022-48565
An XML External Entity (XXE) issue exists in Python up to and including 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities.
Python Python
Debian Debian Linux 10.0
490
VMScore
CVE-2022-28154
Jenkins Coverage/Complexity Scatter Plot Plugin 1.1.1 and previous versions does not configure its XML parser to prevent XML external entity (XXE) attacks.
Jenkins Coverage\\/complexity Scatter Plot
383
VMScore
CVE-2020-24656
Maltego prior to 4.2.12 allows XXE attacks.
Maltego Maltego
1 Github repository
445
VMScore
CVE-2021-29421
models/metadata.py in the pikepdf package 1.3.0 up to and including 2.9.2 for Python allows XXE when parsing XMP metadata entries.
Pikepdf Project Pikepdf
Fedoraproject Fedora 32
Fedoraproject Fedora 33
356
VMScore
CVE-2020-35123
In Zimbra Collaboration Suite Network Edition versions < 9.0.0 P10 and 8.8.15 P17, there exists an XXE vulnerability in the saml consumer store extension, which is vulnerable to XXE attacks. This has been fixed in Zimbra Collaboration Suite Network edition 9.0.0 Patch 10 and 8...
Zimbra Collaboration
Zimbra Collaboration 8.8.15
Zimbra Collaboration 9.0.0
668
VMScore
CVE-2018-20059
jaxb/JaxbEngine.java in Pippo 1.11.0 allows XXE.
Pippo Pippo 1.11.0
668
VMScore
CVE-2013-4334
opWebAPIPlugin 0.5.1, 0.4.0, and 0.1.0: XXE Vulnerabilities
Tejimaya Opwebapiplugin 0.1.0
Tejimaya Opwebapiplugin 0.4.0
Tejimaya Opwebapiplugin 0.5.1
668
VMScore
CVE-2019-20627
AutoUpdater.cs in AutoUpdater.NET prior to 1.5.8 allows XXE.
Rbsoft Autoupdater.net
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »