Lucene search
K

43 matches found

Circl
Circl
added 2026/01/21 9:18 p.m.3 views

CVE-2018-1000632

creationtimestamp| type| source ---|---|--- 2026-01-21 21:18:16+00:00| seen| https://vulnerability.circl.lu/bundle/bbcbc485-b88d-4831-b8e9-6e37e7bd9875...

7.5CVSS7.1AI score0.0657EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2018-1000632

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an...

7.5CVSS6.7AI score0.0657EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.21 views

RHEL 7 : dom4j (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - dom4j: XML Injection in Class: Element. Methods: addElement, addAttribute which can impact the integrity of XML...

7.5CVSS7.3AI score0.0657EPSS
Exploits1References1
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/11 1:32 p.m.36 views

Security Bulletin: Multiple vulnerabilities affect embedded rules in IBM Business Automation Workflow

Summary Embedded rules in IBM Business Automation Workflow are affected by multiple vulnerabilities. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2018-1000632 DESCRIPTION: dom4j could allow a remote attacker to execute arbitrary code o...

9.8CVSS9.3AI score0.3038EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/05 12:33 p.m.43 views

Security Bulletin: Vulnerability found in dom4j-1.6.1.jar which is shipped with IBM® Intelligent Operations Center(CVE-2018-1000632)

Summary Vulnerability have been identified in dom4j-1.6.1.jar which is shipped with IBM® Intelligent Operations Center. Information about this vulnerability affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs. Vulnerability Details...

7.5CVSS7.9AI score0.0657EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/08/30 11:5 a.m.57 views

Security Bulletin: ITCAM for Transactions affected by the Security vulnerability CVE-2018-1000632 found in dom4j-1.6.1.jar

Summary IBM Tivoli Composite Application Manager ITCAM for Transactions - Transaction Tracking has addressed the following dom4j-1.6.1.jar vulnerability and updated dom4j.jar file from version 1.6.1 to 2.1.4 Vulnerability Details CVEID:CVE-2018-1000632 DESCRIPTION: dom4j could allow a remote...

7.5CVSS7.8AI score0.0657EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/08 8:24 a.m.37 views

Security Bulletin: Atlas eDiscovery Process Management is affected by a vulnerable dom4j-1.6.1.jar

Summary Atlas eDiscovery Process Management is affected by a vulnerable dom4j-1.6.1.jar. Hence dom4j-1.6.1.jar upgraded to dom4j-2.0.3.jar to fix vulnerabilities. Vulnerability Details CVEID:CVE-2020-10683 DESCRIPTION: dom4j could allow a remote authenticated attacker to obtain sensitive...

9.8CVSS9.2AI score0.07269EPSS
Exploits1Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 4:19 a.m.3 views

SUSE CVE-2018-1000632

dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or...

6.1CVSS8.1AI score0.0657EPSS
Exploits1References10
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/21 12:41 p.m.37 views

Security Bulletin: IBM Security Verify Governance is vulnerable to arbitrary code execution due to use of dom4j (CVE-2018-1000632)

Summary IBM Security Verify Governance uses dom4j could allow a remote attacker to execute arbitrary code on the system, caused by improper input validation in multiple methods CVE-2018-1000632. The fix includes upgrading the dom4j jar to the patched version. Vulnerability Details...

7.5CVSS7.9AI score0.0657EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/13 8:8 p.m.106 views

Security Bulletin: Dom4j Vulnerability affects IBM SPSS Statistics (CVE-2018-1000632)

Summary There is a vulnerability in the version of Dom4j that is part of IBM SPSS Statistics. IBM SPSS Statistics has addressed this vulnerability. Vulnerability Details CVEID:CVE-2018-1000632 DESCRIPTION: dom4j could allow a remote attacker to execute arbitrary code on the system, caused by...

7.8AI score0.0657EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.14 views

Mageia: Security Advisory (MGASA-2019-0077)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.0657EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2021/05/13 12:0 a.m.18 views

Fedora: Security Advisory for dom4j (FEDORA-2021-8015a8cdc4)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.7AI score0.0657EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/16 6:3 a.m.48 views

Security Bulletin: dom4j Vulnerability in Apache Solr shipped with IBM Operations Analytics - Log Analysis Analysis (CVE-2018-1000632)

Summary There is an XML Injection vulnerability in dom4j that affects Apache Solr. Vulnerability Details CVEID: CVE-2018-1000632 DESCRIPTION: dom4j could allow a remote attacker to execute arbitrary code on the system, caused by improper input validation in multiple methods. By sending a...

7.5CVSS1.8AI score0.0657EPSS
Exploits1Affected Software1
Atlassian
Atlassian
added 2021/02/03 10:43 p.m.70 views

Update atlassian-gadgets to 4.2.39 to fix CVE-2012-0881, CVE-2014-0114 and other vulnerabilities

Affected versions of Atlassian Fisheye and Crucible allow an unauthenticated remote attacker to achieve remote code execution, denial of service and XML external entities in Atlassian Gadgets. The CVEs involved were: CVE-2012-0881 CVE-2019-10172 CVE-2018-1000632 CVE-2016-1000031 CVE-2014-0114...

9.8CVSS9AI score0.95821EPSS
Exploits12
IBM Security Bulletins
IBM Security Bulletins
added 2020/11/13 6:51 p.m.35 views

Security Bulletin: Dom4j XML Injection Vulnerability Affects IBM Sterling B2B Integrator (CVE-2018-1000632)

Summary IBM Sterling B2B Integrator has addressed a Dom4j XML injection vulnerability. Vulnerability Details CVEID: CVE-2018-1000632 DESCRIPTION: dom4j could allow a remote attacker to execute arbitrary code on the system, caused by improper input validation in multiple methods. By sending a...

7.5CVSS2.4AI score0.0657EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/11/06 12:0 a.m.58 views

Ubuntu 16.04 LTS : dom4j vulnerability (USN-4619-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4619-1 advisory. Mrio Areias discovered that dom4j did not properly validate XML document elements. An attacker could exploit this with a crafted XML file to cause dom4j to crash,...

7.5CVSS7.2AI score0.0657EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2020/11/05 4:9 p.m.78 views

USN-4619-1: dom4j vulnerability

Mário Areias discovered that dom4j did not properly validate XML document elements. An attacker could exploit this with a crafted XML file to cause dom4j to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2018-1000632...

7.5CVSS6.8AI score0.0657EPSS
Exploits1
OSV
OSV
added 2020/11/05 4:9 p.m.3 views

USN-4619-1 dom4j vulnerability

Mário Areias discovered that dom4j did not properly validate XML document elements. An attacker could exploit this with a crafted XML file to cause dom4j to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2018-1000632...

7.5CVSS6.8AI score0.0657EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2020/07/28 3:54 p.m.114 views

Important: Red Hat Security Advisory: Red Hat Fuse 7.7.0 release and security update

A minor version update from 7.6 to 7.7 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

10CVSS7.2AI score0.58373EPSS
Exploits16References50
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.31 views

Huawei EulerOS: Security Advisory for dom4j (EulerOS-SA-2019-2405)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.8AI score0.0657EPSS
Exploits1References2
Rows per page
Query Builder