Unity Linux 20.1060e / 20.1070e Security Update: xmlbeans (UTSA-2026-016630)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016630 advisory. The XML parsers used by XMLBeans up to version 2.6.0 did not set the properties needed to protect the user from malicious XML input. Vulnerabilities include...

Oracle Business Intelligence Enterprise Edition (OAS 8.2) (January 2026 CPU)

The version of Oracle Business Intelligence Enterprise Edition OAS 8.2.0.0 installed on the remote host is affected by multiple vulnerabilities as referenced in the January 2026 CPU advisory, including the following: - Vulnerability in the Oracle Business Intelligence Enterprise Edition product o...

EUVD-2021-1365

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2021-23926

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The XML parsers used by XMLBeans up to version 2.6.0 did not set the properties needed to protect the user from malicious XML input. Vulnerabilities include...

Security Bulletin: There is a vulnerability in xmlbeans-2.6.0.jar used by IBM SPSS Collaboration and Deployment Service (CVE-2021-23926)

Summary There is a vulnerability in xmlbeans-2.6.0.jar used by IBM SPSS Collaboration and Deployment Service CVE-2021-23926 Vulnerability Details CVEID:CVE-2021-23926 DESCRIPTION: Apache XMLBeans is vulnerable to a denial of service, caused by an XML external entity XXE error when processing XML...

Security Bulletin: IBM® Engineering Requirements Management DOORS/DWA vulnerabilities addressed in 9.7.2.8

Summary Third party reported 'Stored XSS' and 'CSRF' issues, Apache Tomcat, Apache ActiveMQ, CKEditor, libcURL, xmlbeans, scala-library, json-smart, jna-platform, jackson-databind, commons-io, shiro-core, commons-net, snappy-java, xercesImpl are identified as vulnerable components with multiple...

Oracle Business Intelligence Enterprise Edition (July 2024 CPU)

The version of Oracle Business Intelligence Enterprise Edition 12.2.1.4 installed on the remote host is affected by multiple vulnerabilities as referenced in the July 2024 CPU advisory, including the following: - Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Orac...

OPENSUSE-SU-2024:12455-1 xmlbeans-2.6.0-12.1 on GA media

These are all security issues fixed in the xmlbeans-2.6.0-12.1 package on the GA media of openSUSE Tumbleweed...

Security Bulletin: There is a vulnerability in xmlbeans-2.6.0.jar used by IBM Maximo Asset Management application (CVE-2021-23926)

Summary There is a vulnerability in xmlbeans-2.6.0.jar used by IBM Maximo Asset Management application CVE-2021-23926 Vulnerability Details CVEID:CVE-2021-23926 DESCRIPTION: Apache XMLBeans is vulnerable to a denial of service, caused by an XML external entity XXE error when processing XML data. ...

Security Bulletin: Multiple vulnerabilities affect embedded rules in IBM Business Automation Workflow

Summary Embedded rules in IBM Business Automation Workflow are affected by multiple vulnerabilities. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2018-1000632 DESCRIPTION: dom4j could allow a remote attacker to execute arbitrary code o...

Security Bulletin: Vulnerability of xmlbeans-2.6.0.jar has affected APM DataPower agent.

Summary APM DataPower Agent is vulnerable to xmlbeans-2.6.0.jar vulnerability described in CVE 2021-23926. The fix includes xmlbeans-2.6.0.jar upgraded to xmlbeans-3.1.0.jar Vulnerability Details CVEID:CVE-2021-23926 DESCRIPTION: Apache XMLBeans is vulnerable to a denial of service, caused by an...

Security Bulletin: Atlas eDiscovery Process Management is affected by a vulnerable xmlbeans-2.3.0.jar

Summary Atlas eDiscovery Process Management is affected by a vulnerable xmlbeans-2.3.0.jar. Hence xmlbeans-2.3.0.jar upgraded to xmlbeans-3.0.0.jar to fix vulnerabilities. Vulnerability Details CVEID:CVE-2021-23926 DESCRIPTION: Apache XMLBeans is vulnerable to a denial of service, caused by an XM...

SUSE CVE-2021-23926

The XML parsers used by XMLBeans up to version 2.6.0 did not set the properties needed to protect the user from malicious XML input. Vulnerabilities include possibilities for XML Entity Expansion attacks. Affects XMLBeans up to and including v2.6.0...

SUSE: Security Advisory (SUSE-SU-2022:3875-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 Security Update : xmlbeans (SUSE-SU-2022:3875-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:3875-1 advisory. - The XML parsers used by XMLBeans up to version 2.6.0 did not set the properties needed to protect the user from...

SUSE SLED12 / SLES12 Security Update : xmlbeans (SUSE-SU-2022:3876-1)

The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:3876-1 advisory. - The XML parsers used by XMLBeans up to version 2.6.0 did not set the properties needed to protect the user from...

SUSE-SU-2022:3876-1 Security update for xmlbeans

This update for xmlbeans fixes the following issues: - CVE-2021-23926: Fixed XML parsers not protecting from malicious XML input bsc1180915...

SUSE-SU-2022:3875-1 Security update for xmlbeans

This update for xmlbeans fixes the following issues: - CVE-2021-23926: Fixed XML parsers not protecting from malicious XML input bsc1180915...

Security Bulletin: A vulnerability found in XMLBeans which hipped with IBM® Intelligent Operations Center (CVE-2021-23926)

Summary A vulnerability related to DOS attach has been found in XMLBeans which hipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs. Vulnerability Details...

Security Bulletin: Multiple security vulnerabilities with IBM FileNet Content Manager component in IBM Business Automation Workflow -CVE-2021-31811, CVE-2021-31812, CVE-2021-23926, CVE-2021-38965

Summary The embedded IBM FileNet Content Manager component, that is shipped with IBM Business Automation Workflow is vulnerable to multiple vulnerabilities. Vulnerability Details CVEID: CVE-2021-38965 DESCRIPTION: IBM FileNet Content Manager 5.5.4, 5.5.6, and 5.5.7 could allow a remote...