7 matches found
EUVD-2023-50492
Malicious code in bioql PyPI...
CVE-2023-46265
An unauthenticated could abuse a XXE vulnerability in the Smart Device Server to leak data or perform a Server-Side Request Forgery SSRF...
CVE-2023-46265
An unauthenticated could abuse a XXE vulnerability in the Smart Device Server to leak data or perform a Server-Side Request Forgery SSRF...
Server side request forgery (ssrf)
An unauthenticated could abuse a XXE vulnerability in the Smart Device Server to leak data or perform a Server-Side Request Forgery SSRF...
CVE-2023-46265
An unauthenticated could abuse a XXE vulnerability in the Smart Device Server to leak data or perform a Server-Side Request Forgery SSRF...
CVE-2023-46265
Ivanti Avalanche includes CVE-2023-46265 (XXE vulnerability in the Smart Device Server) that can allow an unauthenticated attacker to leak data or perform a Server-Side Request Forgery (SSRF). The issue is tied to a decode/XML processing path and is listed among multiple related CVEs in the 6.4.2...
PT-2023-8279 · Ivanti · Ivanti Avalanche
Name of the Vulnerable Software and Affected Versions: Ivanti Avalanche affected versions not specified Description: The issue is related to an XML External Entity XXE vulnerability in the Smart Device Server, which could allow an unauthenticated attacker to leak data or perform a Server-Side...