
9 matches found

EUVD
added 2025/10/03 8:7 p.m., 1 views

EUVD-2022-6255

Malicious code in bioql PyPI...

CVSS 5.3 | AI score 5.5 | EPSS 0.00309
Exploits 1 | References 5
RedhatCVE
added 2025/05/22 7:15 p.m., 4 views

CVE-2021-41042

In Eclipse Lyo versions 1.0.0 to 4.1.0, a TransformerFactory is initialized with the defaults that do not restrict DTD loading when working with RDF/XML. This allows an attacker to cause an external DTD to be retrieved...

CVSS 5.3 | AI score 6.7 | EPSS 0.00309
Exploits 1
OSV
added 2022/07/08 12:0 a.m., 31 views

GHSA-6296-MVGP-27HP XML External Entity Reference in Eclipse Lyo

In Eclipse Lyo versions 1.0.0 to 4.1.0, a TransformerFactory is initialized with the defaults that do not restrict DTD loading when working with RDF/XML. This allows an attacker to cause an external DTD to be retrieved...

CVSS 4.2 | AI score 5.1 | EPSS 0.00309
Exploits 1 | References 5
Github Security Blog
added 2022/07/08 12:0 a.m., 22 views

XML External Entity Reference in Eclipse Lyo

In Eclipse Lyo versions 1.0.0 to 4.1.0, a TransformerFactory is initialized with the defaults that do not restrict DTD loading when working with RDF/XML. This allows an attacker to cause an external DTD to be retrieved...

CVSS 5.3 | AI score 4.5 | EPSS 0.00309
Exploits 1 | References 5 | Affected Software 1
OSV
added 2022/07/07 9:15 p.m., 0 views

CVE-2021-41042

In Eclipse Lyo versions 1.0.0 to 4.1.0, a TransformerFactory is initialized with the defaults that do not restrict DTD loading when working with RDF/XML. This allows an attacker to cause an external DTD to be retrieved...

CVSS 5.3 | AI score 5.8
Exploits 0 | References 1
NVD
added 2022/07/07 9:15 p.m., 9 views

CVE-2021-41042

In Eclipse Lyo versions 1.0.0 to 4.1.0, a TransformerFactory is initialized with the defaults that do not restrict DTD loading when working with RDF/XML. This allows an attacker to cause an external DTD to be retrieved...

CVSS 5.3 | EPSS 0.00309
Exploits 1 | References 1
Prion
added 2022/07/07 9:15 p.m., 10 views

Code injection

In Eclipse Lyo versions 1.0.0 to 4.1.0, a TransformerFactory is initialized with the defaults that do not restrict DTD loading when working with RDF/XML. This allows an attacker to cause an external DTD to be retrieved...

CVSS 5 | AI score 5.1 | EPSS 0.00309
Exploits 1 | References 1 | Affected Software 1
CVE
added 2022/07/07 8:55 p.m., 86 views

CVE-2021-41042

Eclipse Lyo versions 1.0.0–4.1.0 are affected by CVE-2021-41042 due to a TransformerFactory initialized with defaults that do not restrict DTD loading for RDF/XML. This enables an attacker to cause an external DTD to be retrieved, leading to potential information exposure (external entity referen...

CVSS 5.3 | AI score 5.1 | EPSS 0.00309
Exploits 1 | References 1 | Affected Software 1
CNNVD
added 2022/07/07 12:0 a.m., 2 views

Eclipse Lyo code issue vulnerability

Eclipse Lyo is an integrated development environment from the Eclipse Foundation. A security vulnerability exists in Eclipse Lyo versions 1.0.0 through 4.1.0, which stems from initializing TransformerFactory with a default value that does not restrict DTD loading when using RDF/XML, and can be...

CVSS 5.3 | AI score 5.8 | EPSS 0.00309
Exploits 1 | References 2