CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

RedhatCVE•added 2026/01/21 12:30 a.m.•3 views

CVE-2025-65482

An XML External Entity XXE vulnerability in opensagres XDocReport v0.9.2 to v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .docx file...

9.8CVSS6AI score0.00107EPSS

Exploits1References1

RedhatCVE•added 2026/01/21 12:30 a.m.•2 views

CVE-2025-64087

A Server-Side Template Injection SSTI vulnerability in the FreeMarker component of opensagres XDocReport v1.0.0 to v2.1.0 allows attackers to execute arbitrary code via injecting crafted template expressions...

9.8CVSS6.1AI score0.00133EPSS

Exploits1References1

NVD•added 2026/01/20 4:16 p.m.•3 views

CVE-2025-65482

An XML External Entity XXE vulnerability in opensagres XDocReport v0.9.2 to v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .docx file...

9.8CVSS0.00107EPSS

Exploits1References5

OSV•added 2026/01/20 4:16 p.m.•2 views

CVE-2025-64087

9.8CVSS6AI score0.00133EPSS

Exploits1References5

NVD•added 2026/01/20 4:16 p.m.•2 views

CVE-2025-64087

9.8CVSS0.00133EPSS

Exploits1References5

OSV•added 2026/01/20 4:16 p.m.•2 views

CVE-2025-65482

An XML External Entity XXE vulnerability in opensagres XDocReport v0.9.2 to v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .docx file...

9.8CVSS6AI score0.00107EPSS

Exploits1References5

CVE•added 2026/01/20 12:0 a.m.•22 views

CVE-2025-65482

The CVE-2025-65482 XXE vulnerability affects opensagres XDocReport versions 0.9.2 through 2.0.3, allowing arbitrary code execution via crafted .docx uploads. Root cause relates to XML data processing within the library, enabling an attacker to trigger code execution when processing external entit...

9.8CVSS6AI score0.00107EPSS

Exploits1References5Affected Software1

Cvelist•added 2026/01/20 12:0 a.m.•18 views

CVE-2025-65482

An XML External Entity XXE vulnerability in opensagres XDocReport v0.9.2 to v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .docx file...

0.00107EPSS

Exploits1References5

Cvelist•added 2026/01/20 12:0 a.m.•12 views

CVE-2025-64087

0.00133EPSS

Exploits1References5

Positive Technologies•added 2026/01/20 12:0 a.m.•3 views

PT-2026-3629

Name of the Vulnerable Software and Affected Versions opensagres XDocReport versions 0.9.2 through 2.0.3 Description An XML External Entity XXE issue exists in opensagres XDocReport. Successful exploitation allows attackers to execute arbitrary code by uploading a specially crafted .docx file. Th...

9.8CVSS5.8AI score0.00107EPSS

Exploits1References14

ATTACKERKB•added 2026/01/20 12:0 a.m.•2 views

CVE-2025-64087

9.8CVSS5.9AI score0.00133EPSS

Exploits1References6

ATTACKERKB•added 2026/01/20 12:0 a.m.•1 views

CVE-2025-65482

An XML External Entity XXE vulnerability in opensagres XDocReport v0.9.2 to v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .docx file...

9.8CVSS5.9AI score0.00107EPSS

Exploits1References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by