277 matches found
EUVD-2022-1943
Malicious code in bioql PyPI...
EUVD-2022-3982
Malicious code in bioql PyPI...
EUVD-2023-2507
Malicious code in bioql PyPI...
EUVD-2025-29374
Malicious code in bioql PyPI...
EUVD-2025-11530
Malicious code in bioql PyPI...
EUVD-2023-41384
Malicious code in bioql PyPI...
EUVD-2023-35289
Malicious code in bioql PyPI...
EUVD-2023-1238
Malicious code in bioql PyPI...
EUVD-2024-0557
Malicious code in bioql PyPI...
EUVD-2022-2656
Malicious code in bioql PyPI...
EUVD-2025-31380
Malicious code in bioql PyPI...
EUVD-2022-53480
Malicious code in bioql PyPI...
Jinher OA 代码问题漏洞
Jinher OA is a collaborative management software from Jinher, China. A code issue vulnerability exists in Jinher OA version 2.0, which stems from incorrect operation of the XML processing component in file /c6/Jhsoft.Web.module/ToolBar/GetWordFileName.aspx, which could lead to an XML external...
CVE-2025-6984 Sensitive Information Disclosure Due to Insecure XML Parsing in langchain-ai/langchain
The langchain-ai/langchain project, specifically the EverNoteLoader component, is vulnerable to XML External Entity XXE attacks due to insecure XML parsing. The affected version is 0.3.63. The vulnerability arises from the use of etree.iterparse without disabling external entity references, which...
ROS-20250825-02
A vulnerability in the Nokogiri program library of the Ruby interpreter is related to improper handling of an an unexpected data type. Exploitation of the vulnerability could allow an attacker, acting remotely, disclose protected information or cause a denial of service A vulnerability in the...
Linux Distros Unpatched Vulnerability : CVE-2016-10127
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PySAML2 allows remote attackers to conduct XML external entity XXE attacks via a crafted SAML XML request or response. CVE-2016-10127 Note that Nessus relies on...
Linux Distros Unpatched Vulnerability : CVE-2024-40896
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers t...
GeoServer 代码问题漏洞
GeoServer is GeoServer open source an open source software server written in Java. It allows users to share and edit geospatial data. A code issue vulnerability exists in GeoServer that stems from improper URI validation, which could allow an unauthorized attacker to perform an XML external entit...
Math 代码问题漏洞
Math is an open source math plugin for PHPOffice. A code issue vulnerability exists in versions of Math prior to 0.3.0 that stems from unfiltered XML data being loaded, which could lead to an XXE attack...
CVE-2023-28685
Jenkins AbsInt a³ Plugin 1.1.0 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...