Lucene search
K

214 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-30851

Malicious code in bioql PyPI...

6.1CVSS5.8AI score0.00665EPSS
Exploits0References1
NVD
NVD
added 2025/09/29 4:15 a.m.7 views

CVE-2025-11140

A vulnerability was identified in Bjskzy Zhiyou ERP up to 11.0. Affected by this vulnerability is the function openForm of the component com.artery.richclient.RichClientService. Such manipulation of the argument contentString leads to xml external entity reference. The attack can be executed...

9.8CVSS0.00575EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/09/29 4:2 a.m.11 views

CVE-2025-11140 Bjskzy Zhiyou ERP com.artery.richclient.RichClientService openForm xml external entity reference

A vulnerability was identified in Bjskzy Zhiyou ERP up to 11.0. Affected by this vulnerability is the function openForm of the component com.artery.richclient.RichClientService. Such manipulation of the argument contentString leads to xml external entity reference. The attack can be executed...

7.5CVSS0.00575EPSS
Exploits1References4
CVE
CVE
added 2025/09/29 4:2 a.m.28 views

CVE-2025-11140

The CVE-2025-11140 issue affects Bjskzy Zhiyou ERP up to v11.0, specifically the function openForm in com.artery.richclient.RichClientService. The vulnerability arises from manipulating the argument contentString, enabling an XML External Entity (XXE) reference. It can be exploited remotely, and ...

9.8CVSS6.5AI score0.00575EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2025/09/26 7:15 p.m.5 views

CVE-2025-11035

A vulnerability was determined in Jinher OA 2.0. The impacted element is an unknown function of the file /c6/Jhsoft.Web.module/ToolBar/ManageWord.aspx/?text=GetUrl&style=1. This manipulation causes xml external entity reference. The attack can be initiated remotely. The exploit has been publicly...

9.8CVSS0.00383EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/09/22 9:32 p.m.3 views

CVE-2025-10816 Jinher OA XML text xml external entity reference

A security flaw has been discovered in Jinher OA 2.0. This affects an unknown part of the file /c6/Jhsoft.Web.module/ToolBar/GetWordFileName.aspx/?text=GetUrl&style=add of the component XML Handler. Performing manipulation results in xml external entity reference. The attack may be initiated...

7.5CVSS6.4AI score0.00506EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/09/10 12:33 p.m.9 views

CVE-2025-10092

A vulnerability was found in Jinher OA up to 1.2. This impacts an unknown function of the file /c6/Jhsoft.Web.projectmanage/TaskManage/AddTask.aspx/?Type=add of the component XML Handler. The manipulation results in xml external entity reference. The attack can be executed remotely. The exploit h...

7.5CVSS6.6AI score0.00506EPSS
Exploits1References1
NVD
NVD
added 2025/09/08 11:15 a.m.6 views

CVE-2025-10091

A vulnerability has been found in Jinher OA up to 1.2. This affects an unknown function of the file /c6/Jhsoft.Web.projectmanage/ProjectManage/XmlHttp.aspx/?Type=add of the component XML Handler. The manipulation leads to xml external entity reference. Remote exploitation of the attack is possibl...

9.8CVSS0.00506EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/09/02 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2014-125087

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in java-xmlbuilder up to 1.1. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation...

9.8CVSS5AI score0.01231EPSS
Exploits1References2
CNVD
CNVD
added 2025/08/20 12:0 a.m.6 views

DELL CloudLink XML External Entity References Improperly Restricted Vulnerability

DELL CloudLink is a data encryption and key management solution from Dell that is targeted at enterprise-level users and supports public, private and hybrid cloud environments. DELL CloudLink suffers from an improperly restricted XML external entity reference vulnerability that can be exploited b...

5.5CVSS6.7AI score0.00275EPSS
Exploits0References1
NVD
NVD
added 2025/08/14 3:15 p.m.13 views

CVE-2025-26484

Dell CloudLink, versions 8.0 through 8.1.1, contains an Improper Restriction of XML External Entity Reference vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service...

5.5CVSS0.00275EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/14 2:24 p.m.5 views

CVE-2025-26484

Dell CloudLink, versions 8.0 through 8.1.1, contains an Improper Restriction of XML External Entity Reference vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service...

5.5CVSS6.9AI score0.00275EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/14 12:0 a.m.7 views

PT-2025-33286 · Dell · Dell Cloudlink

Name of the Vulnerable Software and Affected Versions: Dell CloudLink versions 8.0 through 8.1.1 Description: Dell CloudLink contains an Improper Restriction of XML External Entity Reference issue. A high privileged attacker with remote access could potentially exploit this issue, leading to Deni...

5.5CVSS6.3AI score0.00275EPSS
Exploits0References3
CVE
CVE
added 2025/07/30 6:9 p.m.27 views

CVE-2025-36608

CVE-2025-36608 affects Dell SmartFabric OS10 Software prior to 10.6.0.5. The issue is an improper restriction of XML External Entity references in OS10, enabling a low-privileged, remote attacker to potentially gain unauthorized access. Impact is described as unauthorized access with Network atta...

6.5CVSS7AI score0.00476EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/07/23 12:0 a.m.28 views

Adobe Commerce/Magento Open Source Multiple Vulnerabilities (APSB24-40)

The version of Adobe Commerce/Magento Open Source installed on the remote host falls within one of the following ranges 2.4.7 2.4.7-p1 Adobe Commerce / 2.4.6 2.4.6-p6 Adobe Commerce / 2.4.5 2.4.5-p8 Adobe Commerce / 2.4.4 2.4.4-p9 Adobe Commerce / 2.4.3 2.4.3-ext-8 Adobe Commerce / 2.4.2...

9.8CVSS7.7AI score0.99994EPSS
Exploits26References10
OSV
OSV
added 2025/07/21 5:15 p.m.5 views

CVE-2025-36603

Dell AppSync, versions 4.6.0.0, contains an Improper Restriction of XML External Entity Reference vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure and Information tampering...

4.8CVSS5.8AI score0.00105EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/21 1:6 p.m.4 views

CVE-2025-7823

A vulnerability was found in Jinher OA 1.2. It has been declared as problematic. This vulnerability affects unknown code of the file ProjectScheduleDelete.aspx. The manipulation leads to xml external entity reference. The attack can be initiated remotely. The exploit has been disclosed to the...

9.8CVSS7.4AI score0.00483EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/07/21 12:0 a.m.4 views

PT-2025-30299 · Dell · Dell Appsync

Name of the Vulnerable Software and Affected Versions: Dell AppSync version 4.6.0.0 Description: Dell AppSync version 4.6.0.0 contains an Improper Restriction of XML External Entity Reference issue. A low privileged attacker with local access could potentially exploit this issue, leading to...

4.8CVSS5.8AI score0.00105EPSS
Exploits0References3
NVD
NVD
added 2025/07/19 1:15 p.m.10 views

CVE-2025-7824

A vulnerability was found in Jinher OA 1.1. It has been rated as problematic. This issue affects some unknown processing of the file XmlHttp.aspx. The manipulation leads to xml external entity reference. The attack may be initiated remotely. The exploit has been disclosed to the public and may be...

9.8CVSS0.00483EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/07/19 1:2 p.m.4 views

CVE-2025-7824 Jinher OA XmlHttp.aspx xml external entity reference

A vulnerability was found in Jinher OA 1.1. It has been rated as problematic. This issue affects some unknown processing of the file XmlHttp.aspx. The manipulation leads to xml external entity reference. The attack may be initiated remotely. The exploit has been disclosed to the public and may be...

7.5CVSS7.3AI score0.00483EPSS
Exploits1References4
Rows per page
Query Builder