Lucene search
K

43 matches found

OSV
OSV
added 2026/06/17 12:32 p.m.8 views

ROOT-APP-MAVEN-CVE-2020-10683 CVE-2020-10683 in io.root.dom4j:dom4j - Patched by Root

Root has patched CVE-2020-10683 in the io.root.dom4j:dom4j package for Root:Maven. Multiple fixed versions available...

9.8CVSS6.8AI score0.07269EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/11 1:32 p.m.41 views

Security Bulletin: Multiple vulnerabilities affect embedded rules in IBM Business Automation Workflow

Summary Embedded rules in IBM Business Automation Workflow are affected by multiple vulnerabilities. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2018-1000632 DESCRIPTION: dom4j could allow a remote attacker to execute arbitrary code o...

9.8CVSS9.3AI score0.3038EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/05 1:31 p.m.43 views

Security Bulletin: Vulnerability found in dom4j-1.6.1.jar which is shipped with IBM® Intelligent Operations Center(CVE-2020-10683)

Summary Vulnerability have been identified in dom4j-1.6.1.jar which is shipped with IBM® Intelligent Operations Center. Information about this vulnerability affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2020-106...

9.8CVSS9.3AI score0.07269EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/08/30 3:30 p.m.38 views

Security Bulletin: ITCAM for Transactions affect by the Security vulnerability CVE-2020-10683 found in dom4j-1.6.1.jar

Summary IBM Tivoli Composite Application Manager ITCAM for Transactions - Transaction Tracking has addressed the following dom4j-1.6.1.jar vulnerability and updated dom4j-1.6.1.jar to version 2.1.4 Vulnerability Details CVEID:CVE-2020-10683 DESCRIPTION: dom4j could allow a remote authenticated...

9.8CVSS9.2AI score0.07269EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/30 9:23 a.m.82 views

Security Bulletin: Multiple vulnerabilities affect the IBM App Connect Enterprise Toolkit and the IBM Integration Bus Toolkit

Summary The IBM App Connect Enterprise Toolkit and the IBM Integration Bus Toolkit are vulnerable, as per the CVEs listed in the Vulnerability Details section. These vulnerabilities affect some development tasks in the product toolkit. CVE-2022-29599 and CVE-2020-10683 only affect Test and Java...

9.8CVSS9.9AI score0.86503EPSS
Exploits12Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/08 8:24 a.m.39 views

Security Bulletin: Atlas eDiscovery Process Management is affected by a vulnerable dom4j-1.6.1.jar

Summary Atlas eDiscovery Process Management is affected by a vulnerable dom4j-1.6.1.jar. Hence dom4j-1.6.1.jar upgraded to dom4j-2.0.3.jar to fix vulnerabilities. Vulnerability Details CVEID:CVE-2020-10683 DESCRIPTION: dom4j could allow a remote authenticated attacker to obtain sensitive...

9.8CVSS9.2AI score0.07269EPSS
Exploits1Affected Software1
F5 Networks
F5 Networks
added 2023/02/21 6:7 p.m.49 views

K02349370: dom4j library vulnerability CVE-2020-10683

Security Advisory Description dom4j before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j. CVE-2020-106...

9.8CVSS6.8AI score0.07269EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/07 5:43 p.m.46 views

Security Bulletin: IBM Security Verify Information Queue uses a dom4j version with improper XXE restrictions (CVE-2020-10683)

Summary The products image in IBM Security Verify Information Queue ISIQ v10.0.2 uses an older version of the dom4j library that does not properly safeguard against XML External Entity XXE attacks. ISIQ v10.0.3 has upgraded its products image to include a newer dom4j level that remediates the...

9.8CVSS1.5AI score0.07269EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/11 3:8 a.m.86 views

Security Bulletin: Vulnerabilities in Dojo and dom4j libraries affect Tivoli Netcool/OMNIbus WebGUI (CVE-2020-10683, CVE-2021-23450)

Summary Fix is available for vulnerabilities in Dojo and dom4j libraries affecting Tivoli Netcool/OMNIbus WebGUI CVE-2020-10683, CVE-2021-23450. Dojo is used by Tivoli Netcool/OMNIbus WebGUI as part of its web client component. dom4j was required by Tivoli Netcool/OMNIbus WebGUI as part of Apache...

9.8CVSS1.3AI score0.30367EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.17 views

Mageia: Security Advisory (MGASA-2021-0034)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.07269EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/02/02 12:0 a.m.227 views

Oracle WebCenter Portal Multiple Vulnerabilities (Jan 2021 CPU)

The version of Oracle WebCenter Portal installed on the remote host is missing a security patch from the January 2021 Critical Patch Update CPU. It is, therefore, affected by the following vulnerabilities : - Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware...

9.8CVSS6.4AI score0.28839EPSS
Exploits1References3
NCSC
NCSC
added 2021/01/21 12:0 a.m.7 views

Vulnerabilities fixed in Oracle Enterprise Manager

Oracle has fixed multiple vulnerabilities in Oracle Enterprise Manager. The vulnerabilities allow an unauthenticated remote malicious party potentially able to launch attacks leading to the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution Access to...

9.8CVSS7.6AI score0.9986EPSS
Exploits10
Tenable Nessus
Tenable Nessus
added 2021/01/20 12:0 a.m.47 views

Oracle Application Testing Suite (Jan 2021 CPU)

The 13.3.0.1 versions of Application Testing Suite installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2021 CPU advisory. - Vulnerability in the Oracle Application Testing Suite product of Oracle Enterprise Manager component: Load Testing for Web App...

9.8CVSS6.8AI score0.99019EPSS
Exploits7References4
Mageia
Mageia
added 2021/01/17 4:7 p.m.264 views

Updated dom4j packages fix a security vulnerability

A flaw was found in the dom4j library. By using the default SaxReader provided by Dom4J, external DTDs and External Entities are allowed, resulting in a possible XXE CVE-2020-10683...

9.8CVSS3.2AI score0.07269EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2020/12/16 12:11 p.m.179 views

Important: Red Hat Security Advisory: Red Hat Fuse 7.8.0 release and security update

A minor version update from 7.7 to 7.8 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

9.8CVSS8AI score0.95586EPSS
Exploits12References39
OpenVAS
OpenVAS
added 2020/10/14 12:0 a.m.21 views

Ubuntu: Security Advisory (USN-4575-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.07269EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/10/14 12:0 a.m.40 views

Ubuntu 16.04 LTS : dom4j vulnerability (USN-4575-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4575-1 advisory. It was discovered that dom4j incorrectly handled reading XML data. A remote attacker could exploit this with a crafted XML file to expose sensitive data or possib...

9.8CVSS7.4AI score0.07269EPSS
Exploits0References2
OSV
OSV
added 2020/10/13 11:28 p.m.7 views

USN-4575-1 dom4j vulnerability

It was discovered that dom4j incorrectly handled reading XML data. A remote attacker could exploit this with a crafted XML file to expose sensitive data or possibly execute arbitrary code. CVE-2020-10683...

9.8CVSS6.9AI score0.07269EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2020/10/13 11:28 p.m.122 views

USN-4575-1: dom4j vulnerability

It was discovered that dom4j incorrectly handled reading XML data. A remote attacker could exploit this with a crafted XML file to expose sensitive data or possibly execute arbitrary code. CVE-2020-10683...

9.8CVSS7.4AI score0.07269EPSS
Exploits0
OpenVAS
OpenVAS
added 2020/09/29 12:0 a.m.17 views

Huawei EulerOS: Security Advisory for dom4j (EulerOS-SA-2020-2102)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.07269EPSS
Exploits0References2
Rows per page
Query Builder