Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

50 matches found

NVD
NVDadded 2026/05/22 1:16 p.m.10 views

CVE-2026-44618

Insecure XML parser configuration in Apache CXF's WS-Transfer module may allow attackers to perform XXE attacks. Users are recommended to upgrade to versions 4.2.1, 4.1.6 or 3.6.11, which fix this issue...

5.3CVSS0.00167EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2026/04/28 12:3 p.m.2 views

CVE-2026-41066

A flaw was found in lxml, a library for processing XML and HTML in Python. A remote attacker can exploit this vulnerability by sending untrusted XML input to an application using lxml's default parser configuration. This allows the attacker to read local files on the system, leading to informatio...

7.5CVSS5.5AI score0.0006EPSS
Exploits1References5
Cvelist
Cvelistadded 2025/11/05 5:18 p.m.5 views

CVE-2025-10713 XML External Entity (XXE) Vulnerability in Multiple WSO2 Products Due to Improper XML Parser Configuration

An XML External Entity XXE vulnerability exists in multiple WSO2 products due to improper configuration of the XML parser. The application parses user-supplied XML without applying sufficient restrictions, allowing resolution of external entities. A successful attack could enable a remote,...

6.5CVSS0.00082EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/11/05 5:18 p.m.1 views

CVE-2025-10713 XML External Entity (XXE) Vulnerability in Multiple WSO2 Products Due to Improper XML Parser Configuration

An XML External Entity XXE vulnerability exists in multiple WSO2 products due to improper configuration of the XML parser. The application parses user-supplied XML without applying sufficient restrictions, allowing resolution of external entities. A successful attack could enable a remote,...

6.5CVSS6.5AI score0.00082EPSS
Exploits0References1
CVE
CVEadded 2025/11/05 5:18 p.m.17 views

CVE-2025-10713

CVE-2025-10713 is an XML External Entity (XXE) vulnerability affecting multiple WSO2 products due to improper XML parser configuration. The issue allows an attacker to read sensitive server files or cause DoS via unrestrained external entities. Documented impact: remote, unauthenticated access wi...

9.1CVSS6.5AI score0.00082EPSS
Exploits0References1Affected Software8
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2017-16878

Malware in sbrugna...

6.6CVSS6.6AI score0.00081EPSS
Exploits0References5
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2022-5876

Malicious code in bioql PyPI...

7.1CVSS7AI score0.00066EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2023-1204

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.02121EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2023-2507

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.00347EPSS
Exploits0References5
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2022-2078

Malicious code in bioql PyPI...

8.8CVSS8.5AI score0.00807EPSS
Exploits0References5
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2022-2042

Malicious code in bioql PyPI...

7.1CVSS7.5AI score0.00121EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2022-4915

Malicious code in bioql PyPI...

8.1CVSS8AI score0.00298EPSS
Exploits0References10
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2022-7167

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.04432EPSS
Exploits0References5
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2022-3699

Malicious code in bioql PyPI...

7.6CVSS7.4AI score0.0006EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/03 8:7 p.m.0 views

EUVD-2023-1238

Malicious code in bioql PyPI...

8.2CVSS8AI score0.00361EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2022-1384

Malicious code in bioql PyPI...

8.1CVSS8AI score0.00164EPSS
Exploits0References5
Veracode
Veracodeadded 2025/06/27 2:51 p.m.5 views

XML External Entity (XXE) Injection

Allure is vulnerable to XML External Entity XXE injection. The vulnerability is due to improper XML parser configuration due to insecure settings in the xunit-xml-plugin that allow external entity expansion when processing .xml test result files...

7.5CVSS6.5AI score0.00202EPSS
Exploits0References4Affected Software3
RedhatCVE
RedhatCVEadded 2025/05/23 3:37 a.m.5 views

CVE-2023-28682

Jenkins Performance Publisher Plugin 8.09 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

8.2CVSS6.7AI score0.01056EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 12:17 a.m.6 views

CVE-2022-45386

Jenkins Violations Plugin 0.7.11 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

5.5CVSS6.7AI score0.01501EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 10:38 p.m.2 views

CVE-2022-28154

Jenkins Coverage/Complexity Scatter Plot Plugin 1.1.1 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

8.1CVSS6.7AI score0.00164EPSS
Exploits0References1
Rows per page
Query Builder