10 matches found
EUVD-2023-26485
Malicious code in bioql PyPI...
CVE-2023-22322
Improper restriction of XML external entity reference XXE vulnerability exists in OMRON CX-Motion Pro 1.4.6.013 and earlier. If a user opens a specially crafted project file created by an attacker, sensitive information in the file system where CX-Motion Pro is installed may be disclosed...
The vulnerability of the OMRON CX-Motion Pro controller management program lies in the improper restriction of references to external XML entities (XXE). This allows attackers to access protected information.
The vulnerability of the OMRON CX-Motion Pro controller management program is related to an improper restriction on references to external XML entities XXE. Exploiting this vulnerability may allow a perpetrator to access protected information through a specially created project file...
CVE-2023-22322
Improper restriction of XML external entity reference XXE vulnerability exists in OMRON CX-Motion Pro 1.4.6.013 and earlier. If a user opens a specially crafted project file created by an attacker, sensitive information in the file system where CX-Motion Pro is installed may be disclosed...
CVE-2023-22322
Improper restriction of XML external entity reference XXE vulnerability exists in OMRON CX-Motion Pro 1.4.6.013 and earlier. If a user opens a specially crafted project file created by an attacker, sensitive information in the file system where CX-Motion Pro is installed may be disclosed...
Xxe
Improper restriction of XML external entity reference XXE vulnerability exists in OMRON CX-Motion Pro 1.4.6.013 and earlier. If a user opens a specially crafted project file created by an attacker, sensitive information in the file system where CX-Motion Pro is installed may be disclosed...
CVE-2023-22322
Improper restriction of XML external entity reference XXE vulnerability exists in OMRON CX-Motion Pro 1.4.6.013 and earlier. If a user opens a specially crafted project file created by an attacker, sensitive information in the file system where CX-Motion Pro is installed may be disclosed...
CVE-2023-22322
Improper restriction of XML external entity reference XXE vulnerability exists in OMRON CX-Motion Pro 1.4.6.013 and earlier. If a user opens a specially crafted project file created by an attacker, sensitive information in the file system where CX-Motion Pro is installed may be disclosed...
CVE-2023-22322
CVE-2023-22322 affects OMRON CX-Motion Pro prior to 1.4.6.014, with an XXE flaw that can disclose sensitive filesystem data when a user opens a crafted project file. Root cause: improper restriction of XML external entity references in CX-Motion Pro 1.4.6.013 and earlier. Impact: potential exposu...
Improper restriction of XML external entity reference (XXE) vulnerability in OMRON CX-Motion Pro
Overview CX-Motion Pro provided by OMRON Corporation contains an improper restriction of XML external entity reference XXE vulnerability CWE-611. Michael Heinzl reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer. Impact If a user opens a specially crafted project...