Lucene search
+L

149 matches found

cvelist
cvelist
added 2018/12/17 10:0 p.m.23 views

CVE-2018-7833

An Improper Check for Unusual or Exceptional Conditions vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 where an unauthenticated user can send a specially crafted XML data via a POST request to cause the web server to become unavailable...

7.5AI score0.01381EPSS
Exploits0References1
github
github
added 2018/08/08 10:31 p.m.39 views

Nokogiri vulnerable to libxml XML Entity Expansion

The xmlreader in libxml allows remote attackers to cause a denial of service memory consumption via crafted XML data, related to an XML Entity Expansion XEE attack...

5CVSS8.6AI score0.0634EPSS
Exploits0References26Affected Software1
osv
osv
added 2018/08/08 10:31 p.m.41 views

GHSA-Q7WX-62R7-J2X7 Nokogiri vulnerable to libxml XML Entity Expansion

The xmlreader in libxml allows remote attackers to cause a denial of service memory consumption via crafted XML data, related to an XML Entity Expansion XEE attack...

5CVSS6.4AI score0.0634EPSS
Exploits0References25
prion
prion
added 2018/07/20 5:29 p.m.14 views

Xxe

XML external entity XXE vulnerability in java/org/jasig/cas/util/SamlUtils.java in Jasig CAS server before 3.4.12.1 and 3.5.x before 3.5.2.1, when Google Accounts Integration is enabled, allows remote unauthenticated users to bypass authentication via crafted XML data...

6.8CVSS7.5AI score0.02055EPSS
Exploits0References2Affected Software1
cnvd
cnvd
added 2018/04/24 12:0 a.m.7 views

Geist WatchDog Console XML External Entity Injection Vulnerability

Geist WatchDog Console is a suite of environmental monitoring software from Geist USA. An XML external entity injection vulnerability exists in Geist WatchDog Console version 3.2.2. A remote attacker can exploit this vulnerability to read arbitrary files with specially crafted XML data...

4.9CVSS7.3AI score0.08296EPSS
Exploits5References1
prion
prion
added 2018/04/20 9:29 p.m.19 views

Xxe

Multiple XML external entity XXE vulnerabilities in 1 CQWeb / CM Server, 2 ClearQuest Native client, 3 ClearQuest Eclipse client, and 4 ClearQuest Eclipse Designer components in IBM Rational ClearQuest 7.1.1 through 7.1.1.9, 7.1.2 through 7.1.2.13, 8.0.0 through 8.0.0.10, and 8.0.1 through 8.0.1....

5.5CVSS7.1AI score0.01667EPSS
Exploits0References2Affected Software1
prion
prion
added 2018/04/20 9:29 p.m.14 views

Xxe

XML external entity XXE vulnerability in Geist WatchDog Console 3.2.2 allows remote authenticated administrators to read arbitrary files via crafted XML data...

4CVSS5.5AI score0.08296EPSS
Exploits5References2Affected Software1
nvd
nvd
added 2018/04/20 9:29 p.m.20 views

CVE-2014-0931

Multiple XML external entity XXE vulnerabilities in the 1 CCRC WAN Server / CM Server, 2 Perl CC/CQ integration trigger scripts, 3 CMAPI Java interface, 4 ClearCase remote client, and 5 CMI and OSLC-based ClearQuest integrations components in IBM Rational ClearCase 7.1.0.x, 7.1.1.x, 7.1.2 through...

9.1CVSS8.8AI score0.0273EPSS
Exploits0References2
prion
prion
added 2018/04/20 9:29 p.m.18 views

Xxe

Multiple XML external entity XXE vulnerabilities in the 1 CCRC WAN Server / CM Server, 2 Perl CC/CQ integration trigger scripts, 3 CMAPI Java interface, 4 ClearCase remote client, and 5 CMI and OSLC-based ClearQuest integrations components in IBM Rational ClearCase 7.1.0.x, 7.1.1.x, 7.1.2 through...

6.4CVSS7.1AI score0.0273EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2018/04/20 9:0 p.m.18 views

CVE-2014-0950

Multiple XML external entity XXE vulnerabilities in 1 CQWeb / CM Server, 2 ClearQuest Native client, 3 ClearQuest Eclipse client, and 4 ClearQuest Eclipse Designer components in IBM Rational ClearQuest 7.1.1 through 7.1.1.9, 7.1.2 through 7.1.2.13, 8.0.0 through 8.0.0.10, and 8.0.1 through 8.0.1....

7AI score0.01667EPSS
Exploits0References2
cvelist
cvelist
added 2018/04/20 9:0 p.m.20 views

CVE-2018-10077

XML external entity XXE vulnerability in Geist WatchDog Console 3.2.2 allows remote authenticated administrators to read arbitrary files via crafted XML data...

5.6AI score0.08296EPSS
Exploits5References2
cvelist
cvelist
added 2018/04/20 9:0 p.m.19 views

CVE-2014-0931

Multiple XML external entity XXE vulnerabilities in the 1 CCRC WAN Server / CM Server, 2 Perl CC/CQ integration trigger scripts, 3 CMAPI Java interface, 4 ClearCase remote client, and 5 CMI and OSLC-based ClearQuest integrations components in IBM Rational ClearCase 7.1.0.x, 7.1.1.x, 7.1.2 through...

9AI score0.0273EPSS
Exploits0References2
prion
prion
added 2018/03/20 9:29 p.m.14 views

Xxe

XML external entity XXE vulnerability in IBM Connections 3.0.1.1 and earlier, 4.0, 4.5, and 5.0 before CR4 allows remote authenticated users to cause a denial of service memory consumption via crafted XML data. IBM X-Force ID: 108357...

4CVSS6.3AI score0.01255EPSS
Exploits0References2Affected Software1
prion
prion
added 2018/03/12 9:29 p.m.16 views

Xxe

XML external entity XXE vulnerability in IBM InfoSphere Information Governance Catalog 11.3 before 11.3.1.2 and 11.5 before 11.5.0.1 allows remote authenticated users to read arbitrary files or cause a denial of service via crafted XML data. IBM X-Force ID: 110510...

5.5CVSS6.6AI score0.01513EPSS
Exploits0References2Affected Software1
nvd
nvd
added 2018/03/12 9:29 p.m.24 views

CVE-2016-0250

XML external entity XXE vulnerability in IBM InfoSphere Information Governance Catalog 11.3 before 11.3.1.2 and 11.5 before 11.5.0.1 allows remote authenticated users to read arbitrary files or cause a denial of service via crafted XML data. IBM X-Force ID: 110510...

5.5CVSS5.3AI score0.01513EPSS
Exploits0References2
cve
cve
added 2018/03/12 9:0 p.m.46 views

CVE-2016-0250

CVE-2016-0250 is an XXE vulnerability in IBM InfoSphere Information Governance Catalog (IGC). It affects IGC versions 11.3 prior to 11.3.1.2 and 11.5 prior to 11.5.0.1, enabling a remote authenticated attacker to read arbitrary files or cause a denial of service by processing crafted XML data. Th...

5.5CVSS5.3AI score0.01513EPSS
Exploits0References2Affected Software1
prion
prion
added 2018/03/09 7:29 p.m.12 views

Xxe

XML external entity XXE vulnerability in IBM Financial Transaction Manager FTM for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager FTM for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager FTM fo...

4CVSS5.8AI score0.00831EPSS
Exploits0References1Affected Software1
cve
cve
added 2018/03/09 7:0 p.m.60 views

CVE-2016-0268

CVE-2016-0268 affects IBM Financial Transaction Manager (FTM) for ACH Services, Check Services and Corporate Payment Services on Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013. The vulnerability is an XML External Entity (XXE) issue in XML processing that could allow a remote authenticated atta...

4.3CVSS5.1AI score0.00831EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2018/03/09 7:0 p.m.18 views

CVE-2016-0268

XML external entity XXE vulnerability in IBM Financial Transaction Manager FTM for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager FTM for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager FTM fo...

4AI score0.00831EPSS
Exploits0References1
ubuntucve
ubuntucve
added 2018/02/27 3:29 p.m.24 views

CVE-2018-0489

Shibboleth XMLTooling-C before 1.6.4, as used in Shibboleth Service Provider before 2.6.1.4 on Windows and other products, mishandles digital signatures of user data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via crafted XML data. NOTE: this...

6.5CVSS6.7AI score0.02148EPSS
Exploits0References3
Rows per page
Query Builder