Lucene search
K

43 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-1851

Malicious code in bioql PyPI...

7.5CVSS5.8AI score0.00726EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.16 views

EUVD-2022-7498

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00897EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2023-0359

Malicious code in bioql PyPI...

9.8CVSS9AI score0.01381EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-0377

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.0127EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/05/23 2:15 a.m.10 views

CVE-2023-3276

A vulnerability, which was classified as problematic, has been found in Dromara HuTool up to 5.8.19. Affected by this issue is the function readBySax of the file XmlUtil.java of the component XML Parsing Module. The manipulation leads to xml external entity reference. The exploit has been disclos...

7.5CVSS6.6AI score0.00726EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:57 a.m.9 views

CVE-2023-24163

SQL Inection vulnerability in Dromara hutool before 5.8.21 allows attacker to execute arbitrary code via the aviator template engine...

9.8CVSS8.2AI score0.01381EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:55 a.m.7 views

CVE-2023-24162

Deserialization vulnerability in Dromara Hutool v5.8.11 allows attacker to execute arbitrary code via the XmlUtil.readObjectFromXml parameter...

9.8CVSS7.7AI score0.0127EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:18 a.m.7 views

CVE-2022-4565

A vulnerability classified as problematic was found in Dromara HuTool up to 5.8.10. This vulnerability affects unknown code of the file cn.hutool.core.util.ZipUtil.java. The manipulation leads to resource consumption. The attack can be initiated remotely. The exploit has been disclosed to the...

7.5CVSS7AI score0.00897EPSS
Exploits1References1
NVD
NVD
added 2023/06/15 1:15 p.m.22 views

CVE-2023-3276

A vulnerability, which was classified as problematic, has been found in Dromara HuTool up to 5.8.19. Affected by this issue is the function readBySax of the file XmlUtil.java of the component XML Parsing Module. The manipulation leads to xml external entity reference. The exploit has been disclos...

7.5CVSS6.1AI score0.00726EPSS
Exploits1References3
OSV
OSV
added 2023/06/15 1:15 p.m.4 views

CVE-2023-3276

A vulnerability, which was classified as problematic, has been found in Dromara HuTool up to 5.8.19. Affected by this issue is the function readBySax of the file XmlUtil.java of the component XML Parsing Module. The manipulation leads to xml external entity reference. The exploit has been disclos...

7.5CVSS5.3AI score0.00726EPSS
Exploits1References3
Prion
Prion
added 2023/06/15 1:15 p.m.15 views

Xxe

A vulnerability, which was classified as problematic, has been found in Dromara HuTool up to 5.8.19. Affected by this issue is the function readBySax of the file XmlUtil.java of the component XML Parsing Module. The manipulation leads to xml external entity reference. The exploit has been disclos...

5.2CVSS7.5AI score0.00726EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/06/15 1:0 p.m.9 views

CVE-2023-3276 Dromara HuTool XML Parsing Module XmlUtil.java readBySax xml external entity reference

A vulnerability, which was classified as problematic, has been found in Dromara HuTool up to 5.8.19. Affected by this issue is the function readBySax of the file XmlUtil.java of the component XML Parsing Module. The manipulation leads to xml external entity reference. The exploit has been disclos...

5.5CVSS6.6AI score0.00726EPSS
Exploits1References3
CVE
CVE
added 2023/06/15 1:0 p.m.53 views

CVE-2023-3276

HuTool (Dromara HuTool) up to 5.8.19 contains an XXE flaw in XmlUtil.readBySax, enabling xml external entity reference exploitation. Publicly disclosed exploit; no fixed version information in the provided documents. Affected component: XML Parsing Module (XmlUtil.java). Practical impact describe...

7.5CVSS6.3AI score0.00726EPSS
Exploits1References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/06/15 12:0 a.m.30 views

Improper Restriction of XML External Entity Reference

A vulnerability, which was classified as problematic, has been found in Dromara HuTool up to 5.8.19. Affected by this issue is the function readBySax of the file XmlUtil.java of the component XML Parsing Module. The manipulation leads to xml external entity reference. The exploit has been disclos...

7.5CVSS7AI score0.00726EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2023/06/15 12:0 a.m.5 views

PT-2023-24008 · Dromara · Dromara Hutool

Name of the Vulnerable Software and Affected Versions: Dromara HuTool versions up to 5.8.19 Description: A problematic issue has been found in the XML Parsing Module, specifically affecting the readBySax function of the XmlUtil.java file. This issue leads to xml external entity reference. The...

7.5CVSS6.7AI score0.00726EPSS
Exploits1References7
CNNVD
CNNVD
added 2023/06/15 12:0 a.m.2 views

Dromara HuTool 代码问题漏洞

Hutool is a small but comprehensive library of Java tools for the Chinese Dromara community. A code issue vulnerability exists in Dromara HuTool versions prior to 5.8.19. An attacker could exploit this vulnerability to perform an xml external entity reference attack...

7.5CVSS6.2AI score0.00726EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2023/01/31 6:30 p.m.27 views

Dromara Hutool Deserialization of Untrusted Data vulnerability

Deserialization vulnerability in Dromara Hutool v5.8.11 allows attacker to execute arbitrary code via the XmlUtil.readObjectFromXml parameter...

9.8CVSS9.4AI score0.0127EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2023/01/31 6:30 p.m.52 views

Dromara hutool vulnerable to SQL Injection

SQL Inection vulnerability in Dromara hutool v5.8.11 allows attacker to execute arbitrary code via the aviator template engine...

9.8CVSS9.7AI score0.01381EPSS
Exploits1References7Affected Software1
NVD
NVD
added 2023/01/31 4:15 p.m.14 views

CVE-2023-24162

Deserialization vulnerability in Dromara Hutool v5.8.11 allows attacker to execute arbitrary code via the XmlUtil.readObjectFromXml parameter...

9.8CVSS9.6AI score0.0127EPSS
Exploits1References2
OSV
OSV
added 2023/01/31 4:15 p.m.16 views

CVE-2023-24162

Deserialization vulnerability in Dromara Hutool v5.8.11 allows attacker to execute arbitrary code via the XmlUtil.readObjectFromXml parameter...

9.8CVSS9.7AI score
Exploits0References2
Rows per page
Query Builder