Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

51 matches found

CNNVD
CNNVDadded 2026/06/11 12:0 a.m.15 views

VMware Spring Web Services 代码问题漏洞

VMware Spring Web Services is a SOAP Web services development framework provided by the American company VMware. There are code vulnerabilities in versions 5.0.0 to 5.0.1, 4.1.0 to 4.1.3, 4.0.0 to 4.0.18, and 3.1.0 to 3.1.8 of VMware Spring Web Services. These vulnerabilities stem from the defaul...

8.2CVSS5.5AI score0.00352EPSS
Exploits0References1
NVD
NVDadded 2026/05/22 1:16 p.m.16 views

CVE-2026-44618

Insecure XML parser configuration in Apache CXF's WS-Transfer module may allow attackers to perform XXE attacks. Users are recommended to upgrade to versions 4.2.1, 4.1.6 or 3.6.11, which fix this issue...

5.3CVSS0.00338EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2026/04/28 12:3 p.m.5 views

CVE-2026-41066

A flaw was found in lxml, a library for processing XML and HTML in Python. A remote attacker can exploit this vulnerability by sending untrusted XML input to an application using lxml's default parser configuration. This allows the attacker to read local files on the system, leading to informatio...

7.5CVSS5.5AI score0.00324EPSS
Exploits1References5
Cvelist
Cvelistadded 2025/11/05 5:18 p.m.8 views

CVE-2025-10713 XML External Entity (XXE) Vulnerability in Multiple WSO2 Products Due to Improper XML Parser Configuration

An XML External Entity XXE vulnerability exists in multiple WSO2 products due to improper configuration of the XML parser. The application parses user-supplied XML without applying sufficient restrictions, allowing resolution of external entities. A successful attack could enable a remote,...

6.5CVSS0.00379EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/11/05 5:18 p.m.2 views

CVE-2025-10713 XML External Entity (XXE) Vulnerability in Multiple WSO2 Products Due to Improper XML Parser Configuration

An XML External Entity XXE vulnerability exists in multiple WSO2 products due to improper configuration of the XML parser. The application parses user-supplied XML without applying sufficient restrictions, allowing resolution of external entities. A successful attack could enable a remote,...

6.5CVSS6.5AI score0.00379EPSS
Exploits0References1
CVE
CVEadded 2025/11/05 5:18 p.m.39 views

CVE-2025-10713

CVE-2025-10713 is an XML External Entity (XXE) vulnerability affecting multiple WSO2 products due to improper XML parser configuration. The issue allows an attacker to read sensitive server files or cause DoS via unrestrained external entities. Documented impact: remote, unauthenticated access wi...

9.1CVSS6.5AI score0.00379EPSS
Exploits0References1Affected Software8
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2017-16878

Malware in sbrugna...

6.6CVSS6.6AI score0.00388EPSS
Exploits0References5
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2023-1204

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00715EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2023-1238

Malicious code in bioql PyPI...

8.2CVSS8AI score0.00569EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2022-3699

Malicious code in bioql PyPI...

7.6CVSS7.4AI score0.00904EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2022-1384

Malicious code in bioql PyPI...

8.1CVSS8AI score0.00972EPSS
Exploits0References5
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2022-2042

Malicious code in bioql PyPI...

7.1CVSS7.5AI score0.00877EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2023-2507

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.0075EPSS
Exploits0References5
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2022-7167

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00712EPSS
Exploits0References5
EUVD
EUVDadded 2025/10/03 8:7 p.m.5 views

EUVD-2022-5876

Malicious code in bioql PyPI...

7.1CVSS7AI score0.00877EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/03 8:7 p.m.5 views

EUVD-2022-4915

Malicious code in bioql PyPI...

8.1CVSS8AI score0.3783EPSS
Exploits0References10
EUVD
EUVDadded 2025/10/03 8:7 p.m.6 views

EUVD-2022-2078

Malicious code in bioql PyPI...

8.8CVSS8.5AI score0.02867EPSS
Exploits0References5
Veracode
Veracodeadded 2025/06/27 2:51 p.m.6 views

XML External Entity (XXE) Injection

Allure is vulnerable to XML External Entity XXE injection. The vulnerability is due to improper XML parser configuration due to insecure settings in the xunit-xml-plugin that allow external entity expansion when processing .xml test result files...

7.5CVSS6.5AI score0.00324EPSS
Exploits0References4Affected Software3
RedhatCVE
RedhatCVEadded 2025/05/23 3:37 a.m.6 views

CVE-2023-28682

Jenkins Performance Publisher Plugin 8.09 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

8.2CVSS6.7AI score0.00569EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 12:17 a.m.7 views

CVE-2022-45386

Jenkins Violations Plugin 0.7.11 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

5.5CVSS6.7AI score0.00262EPSS
Exploits0References1
Rows per page
Query Builder