Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2022-4783

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.00298EPSS
Exploits0References4
Veracode
Veracodeadded 2022/05/09 5:38 a.m.13 views

XML External Entity (XXE) Injection

com.twelvemonkeys.imageio, imageio-metadata is vulnerable to XML external entity injection attacks. The vulnerability exist in parseDirectories function in XMPReader.javadue to lack of validation in XML parser which allows attackers to submit malicious XML and gain access to sensitive information...

9.8CVSS5.3AI score0.00298EPSS
Exploits0References2Affected Software2
UbuntuCve
UbuntuCveadded 2022/05/06 8:15 p.m.18 views

CVE-2021-23792

The package com.twelvemonkeys.imageio:imageio-metadata before 3.7.1 are vulnerable to XML External Entity XXE Injection due to an insecurely initialized XML parser for reading XMP Metadata. An attacker can exploit this vulnerability if they are able to supply a file e.g. when an online profile...

9.8CVSS7.2AI score0.00298EPSS
Exploits0References3
CVE
CVEadded 2022/05/06 8:5 p.m.110 views

CVE-2021-23792

The CVE-2021-23792 issue affects the TwelveMonkeys project: the component com.twelvemonkeys.imageio:imageio-metadata is vulnerable to XML External Entity (XXE) Injection due to an insecurely initialized XML parser when reading XMP Metadata. Affected versions are before 3.7.1. If an attacker can s...

9.8CVSS8.5AI score0.00298EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder