Lucene search
K

9808 matches found

RedHat Linux
RedHat Linux
added 2012/07/05 7:23 p.m.5 views

RESTEasy: XML eXternal Entity (XXE) flaw

RESTEasy before 2.3.1 allows remote attackers to read arbitrary files via an external entity reference in a DOM document, aka an XML external entity XXE injection attack...

5CVSS7.5AI score0.03213EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2012/07/05 7:23 p.m.38 views

Moderate: Red Hat Security Advisory: resteasy security update

Updated resteasy packages that fix one security issue are now available for JBoss Enterprise Web Platform 5.1.2 for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base...

5CVSS7.3AI score0.03213EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2012/07/05 7:20 p.m.5 views

RESTEasy: XML eXternal Entity (XXE) flaw

RESTEasy before 2.3.1 allows remote attackers to read arbitrary files via an external entity reference in a DOM document, aka an XML external entity XXE injection attack...

5CVSS7.5AI score0.03213EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2012/07/05 7:20 p.m.4 views

RESTEasy: XML eXternal Entity (XXE) flaw

The readFrom function in providers.jaxb.JAXBXmlTypeProvider in RESTEasy before 2.3.2 allows remote attackers to read arbitrary files via an external entity reference in a Java Architecture for XML Binding JAXB input, aka an XML external entity XXE injection attack, a similar vulnerability to...

5CVSS7.5AI score0.03213EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2012/07/05 7:20 p.m.7 views

Moderate: Red Hat Security Advisory: resteasy security update

An update for JBoss Enterprise Web Platform 5.1.2 that fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...

5CVSS7.3AI score0.03213EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2012/07/05 7:19 p.m.7 views

RESTEasy: XML eXternal Entity (XXE) flaw

RESTEasy before 2.3.1 allows remote attackers to read arbitrary files via an external entity reference in a DOM document, aka an XML external entity XXE injection attack...

5CVSS7.5AI score0.03213EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2012/07/05 7:19 p.m.6 views

RESTEasy: XML eXternal Entity (XXE) flaw

The readFrom function in providers.jaxb.JAXBXmlTypeProvider in RESTEasy before 2.3.2 allows remote attackers to read arbitrary files via an external entity reference in a Java Architecture for XML Binding JAXB input, aka an XML external entity XXE injection attack, a similar vulnerability to...

5CVSS7.5AI score0.03213EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2012/07/05 7:19 p.m.47 views

Moderate: Red Hat Security Advisory: resteasy security update

An update for JBoss Enterprise Application Platform 5.1.2 that fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which give...

5CVSS7.3AI score0.03213EPSS
Exploits0References3
seebug.org
seebug.org
added 2012/06/27 12:0 a.m.38 views

Zend Framework Local File Disclosure

No description provided by source. SEC Consult Vulnerability Lab Security Advisory 20120626-0 ======================================================================= title: Local file disclosure via XXE injection product: Zend Framework vulnerable version: 1.11.11 1.12.0 RC1 2.0.0 beta4 and earli...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2012/06/27 12:0 a.m.35 views

Zend Framework 2.0.0 beta4 1.12 RC1 1.11.11 - Local File Disclosure

Zend Framework 2.0.0 beta4 1.12 RC1 1.11.11 - Local File Disclosure SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Local file disclosure via XXE injection product: Zend Framework vulnerable version: 1.11.11 1.12.0 RC1...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2012/06/26 12:0 a.m.42 views

Zend Framework XXE Injection

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Local file disclosure via XXE injection product: Zend Framework vulnerable version: 1.11.11 1.12.0 RC1 2.0.0 beta4 and earlier versions / branches fixed version: 1.11.12...

0.1AI score
Exploits0
NVD
NVD
added 2012/06/17 3:41 a.m.20 views

CVE-2012-0037

Redland Raptor aka libraptor before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity XXE declaration and reference in an RDF document...

6.5CVSS6.3AI score0.13682EPSS
Exploits2References31
Prion
Prion
added 2012/06/17 3:41 a.m.20 views

Xxe

Redland Raptor aka libraptor before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity XXE declaration and reference in an RDF document...

4.3CVSS6.9AI score0.13682EPSS
Exploits2References31Affected Software13
Cvelist
Cvelist
added 2012/06/17 1:0 a.m.24 views

CVE-2012-0037

Redland Raptor aka libraptor before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity XXE declaration and reference in an RDF document...

6.3AI score0.13682EPSS
Exploits2References31
exploitpack
exploitpack
added 2012/06/14 12:0 a.m.14 views

Squiz CMS - Multiple Cross-Site Scripting XML External Entity Injection Vulnerabilities

Squiz CMS - Multiple Cross-Site Scripting XML External Entity Injection Vulnerabilities source: https://www.securityfocus.com/bid/54049/info Squiz CMS is prone to multiple cross-site scripting vulnerabilities and an XML external entity injection vulnerability because it fails to properly sanitize...

0.2AI score
Exploits0
RubySec
RubySec
added 2012/06/08 12:0 a.m.32 views

CVE-2012-6685 rubygem-nokogiri: XML eXternal Entity (XXE) flaw

Nokogiri before 1.5.4 is vulnerable to XXE attacks...

7.5CVSS2.4AI score0.02168EPSS
Exploits1References1Affected Software1
myhack58
myhack58
added 2012/06/05 12:0 a.m.247 views

PostgreSQL based on the error XML external entity attack 0Day-vulnerability warning-the black bar safety net

Recent foreign security personnel found a PostgreSQL version based on the error XML external entity to perform the high-risk vulnerabilities. After testing, the vulnerability can be from the database server a request to the internal network-SSRF-server side request forgery, and And you can use xm...

0.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2012/05/22 12:0 a.m.237 views

Liferay Portal < 6.0.6 Multiple Vulnerabilities

According to its self-reported version number, the installation of Liferay Portal hosted on the remote web server is affected by multiple vulnerabilities : - An arbitrary file download vulnerability exists when Apache Tomcat is used, which allows remote, authenticated users to download arbitrary...

6.8CVSS5.5AI score0.0847EPSS
Exploits6References13
RedHat Linux
RedHat Linux
added 2012/04/25 2:3 a.m.12 views

Moderate: Red Hat Security Advisory: JBoss Enterprise Portal Platform 5.2.1 update

JBoss Enterprise Portal Platform 5.2.1, which fixes two security issues and various bugs, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which giv...

5.8CVSS7.3AI score0.03213EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2012/04/25 2:3 a.m.4 views

RESTEasy: XML eXternal Entity (XXE) flaw

The readFrom function in providers.jaxb.JAXBXmlTypeProvider in RESTEasy before 2.3.2 allows remote attackers to read arbitrary files via an external entity reference in a Java Architecture for XML Binding JAXB input, aka an XML external entity XXE injection attack, a similar vulnerability to...

5CVSS7.5AI score0.03213EPSS
Exploits0References4
Rows per page
Query Builder