2074 matches found
PT-2025-53450
Name of the Vulnerable Software and Affected Versions Nozomi Networks affected versions not specified Description Inadequate validation of incoming XML format request messages can allow for cross-site scripting XSS attacks on a user's browser. The vulnerability affects Industrial Control Systems...
CVE-2019-25251
Teradek VidiU Pro 3.0.3 contains a server-side request forgery vulnerability in the management interface that allows attackers to manipulate GET parameters 'url' and 'xmlurl'. Attackers can exploit this flaw to bypass firewalls, initiate network enumeration, and potentially trigger external HTTP...
CVE-2018-25142
NovaRad NovaPACS Diagnostics Viewer 8.5.19.75 contains an unauthenticated XML External Entity XXE injection vulnerability in XML preference import settings. Attackers can craft malicious XML files with DTD parameter entities to retrieve arbitrary system files through an out-of-band channel attack...
CVE-2019-25253 KYOCERA Net Admin 3.4.0906 Unauthenticated XML External Entity Injection
KYOCERA Net Admin 3.4.0906 contains an XML External Entity XXE injection vulnerability in the Multi-Set Template Editor that allows unauthenticated attackers to read arbitrary system files. Attackers can craft a malicious XML file with external entity references to retrieve sensitive configuratio...
CVE-2025-67289
An arbitrary file upload vulnerability in the Attachments module of Frappe Framework v15.89.0 allows attackers to execute arbitrary code via uploading a crafted XML file...
CVE-2025-67289
An arbitrary file upload vulnerability in the Attachments module of Frappe Framework v15.89.0 allows attackers to execute arbitrary code via uploading a crafted XML file...
Frappe Framework 安全漏洞
Frappe Framework is a metadata-driven full-stack web application framework based on Python and JavaScript from Frappe India. A security vulnerability exists in the Attachments module of Frappe Framework v15.89.0, which stems from the fact that uploading a specially crafted XML file could lead to...
New UEFI Flaw Enables Early-Boot DMA Attacks on ASRock, ASUS, GIGABYTE, MSI Motherboards
Certain motherboard models from vendors like ASRock, ASUSTeK Computer, GIGABYTE, and MSI are affected by a security vulnerability that leaves them susceptible to early-boot direct memory access DMA attacks across architectures that implement a Unified Extensible Firmware Interface UEFI and...
PT-2025-52307
Name of the Vulnerable Software and Affected Versions Kentico Xperience affected versions not specified Description A stored cross-site scripting issue exists in Kentico Xperience. Authenticated users can inject malicious scripts through XML file uploads, specifically when used as page attachment...
SUSE CVE-2025-40217
In the Linux kernel, the following vulnerability has been resolved: pidfs: validate extensible ioctls Validate extensible ioctls stricter than we do now...
CVE-2025-62864
Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM MMCommunicate service that could result in an out-of-bounds write within the UEFI-MM Secure Partition context...
Podcast Generator 安全漏洞
Podcast Generator is PodcastGenerator's open source set of free podcast publishing scripts written in PHP. A security vulnerability exists in Podcast Generator version 3.2.9, which stems from a blind server-side request forgery that could allow an attacker to inject XML into the episode upload fo...
Server-Side Request Forgery (SSRF)
libtaxii is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to improper handling of an initial http:// substring in the parse method, even when the XML parser is configured with the nonetwork setting, which allows an attacker to trigger unauthorized network requests throu...
XML External Entity (XXE) Injection
Jenkins CCCC Plugin is vulnerable to XML External Entity XXE Injection. The vulnerability is due to improper configuration of the XML parser without XXE protection, which allows an attacker to process malicious XML input and access sensitive resources...
Cross-site Request Forgery (CSRF)
jp.ikedam.jenkins.plugins, extensible-choice-parameter is vulnerable to cross-site request forgery CSRF. The vulnerability is due to insufficient request validation, which allows an attacker to execute sandboxed Groovy code by tricking a user into performing unintended actions...
OSGeo GeoServer Improper Restriction of XML External Entity Reference Vulnerability
OSGeo GeoServer contains an improper restriction of XML external entity reference vulnerability that occurs when the application accepts XML input through a specific endpoint /geoserver/wms operation GetMap and could allow an attacker to define external entities within the XML request...
EUVD-2020-30836
QiHang Media Web Digital Signage 3.0.9 contains a cleartext credentials vulnerability that allows unauthenticated attackers to access administrative login information through an unprotected XML file. Attackers can retrieve hardcoded admin credentials by requesting the '/xml/User/User.xml' file,...
PT-2025-50517
QiHang Media Web Digital Signage 3.0.9 contains a cleartext credentials vulnerability that allows unauthenticated attackers to access administrative login information through an unprotected XML file. Attackers can retrieve hardcoded admin credentials by requesting the '/xml/User/User.xml' file,...
CVE-2025-66214 Ladybug has an XMLDecoder Deserialization Vulnerability (Java RCE)
Ladybug adds message-based debugging, unit, system, and regression testing to Java applications. Versions prior to 3.0-20251107.114628 contain the APIs /iaf/ladybug/api/report/storage and /iaf/ladybug/api/report/upload, which allow uploading gzip-compressed XML files with user-controllable conten...
EUVD-2023-60156
In the Linux kernel, the following vulnerability has been resolved: usb: early: xhci-dbc: Fix a potential out-of-bound memory access If xdbcbulkwrite fails, the values in 'buf' can be anything. So the string is not guaranteed to be NULL terminated when xdbctrace is called. Reserve an extra byte,...