
187 matches found

Positive Technologies
added 2026/06/10 12:00 a.m., 11 views

PT-2026-48591

This module integrates the Tagify JavaScript library to enhance entity reference selection in entity reference widgets. The module does not properly sanitise the name of parent taxonomy terms when rendering suggestions in the Tagify dropdown. This results in a cross-site scripting vulnerability...

5.6 AI score
Exploits: 0, References: 2
CNNVD
added 2026/06/09 12:00 a.m., 12 views

Adobe ColdFusion Input Validation Error Vulnerability

Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. Versions of Adobe ColdFusion such as 2023.19, 2025.8, and earlier have code vulnerabilities. These vulnerabilities stem from...

7.4 CVSS, 6 AI score, 0.00406 EPSS
Exploits: 0, References: 1
OSV
added 2026/05/04 3:31 p.m., 3 views

GHSA-J9RH-P96M-MHHP jOpenDocument has an improper restriction of XML external entity reference vulnerability

Improper restriction of XML external entity reference vulnerability in ILM Informatique jOpenDocument allows Data Serialization External Entities Blowup. This issue affects jOpenDocument: 1.5...

5.3 CVSS, 5.8 AI score, 0.00232 EPSS
Exploits: 0, References: 2
CNNVD
added 2026/04/30 12:00 a.m., 7 views

RTI Connext Professional Code Issue Vulnerability

RTI Connext Professional is a connectivity platform developed by RTI Corporation in the United States, designed to meet the demanding requirements of the Industrial Internet of Things (IIoT). There is a code vulnerability in RTI Connext Professional, which stems from improper restrictions on XML extern...

9.1 CVSS, 5.9 AI score, 0.00205 EPSS
Exploits: 0, References: 1
OSV
added 2026/04/23 11:16 p.m., 4 views

DEBIAN-CVE-2026-6732

A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition (XSD) validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that...

7.5 CVSS, 5.4 AI score, 0.00632 EPSS
Exploits: 1, References: 1
Cvelist
added 2026/04/23 10:19 p.m., 38 views

CVE-2026-6732 Libxml2: libxml2: denial of service via crafted xsd-validated document

A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition (XSD) validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that...

6.5 CVSS, 0.00632 EPSS
Exploits: 1, References: 5
Veracode
added 2026/04/21 8:40 a.m., 9 views

Denial-Of-Service (DoS)

libxmljs is vulnerable to a segmentation fault leading to denial-of-service (DoS). The vulnerability is due to improper handling of the internal ref property in entityref and entitydecl nodes when parsing specially crafted XML documents, which allows an attacker to trigger a crash by supplying...

7.5 CVSS, 5.7 AI score, 0.00388 EPSS
Exploits: 1, References: 2, Affected Software: 1
CNVD
added 2026/02/10 12:00 a.m., 3 views

Apache Syncope Code Issue Vulnerability

Apache Syncope is an open source digital identity management system from the Apache Foundation (United States) for use in enterprise environments. The system supports identity management, role configuration and more. Apache Syncope has a code issue vulnerability; the vulnerability...

4.9 CVSS, 6.1 AI score, 0.00827 EPSS
Exploits: 0, References: 1
CNNVD
added 2026/01/05 12:00 a.m., 6 views

Apache SIS Security Vulnerability

Apache SIS is an open source library for spatial information from the Apache Foundation. A security vulnerability exists in Apache SIS versions 0.4 through 1.5, which stems from an improperly restricted XML external entity reference that could result in reading a server-local file...

6.5 CVSS, 6.4 AI score, 0.00582 EPSS
Exploits: 0, References: 4
CNNVD
added 2025/10/08 12:00 a.m., 1 views

uzy-ssm-mall Security Vulnerability

uzy-ssm-mall (yuzu cloud e-commerce) is an SSM framework by the individual developer ghostxbh for building e-commerce, bookstore malls, customer management, and so on. A security vulnerability exists in uzy-ssm-mall version 1.1.0, which stems from the presence of XML external entity references in the...

6.5 CVSS, 7 AI score, 0.00321 EPSS
Exploits: 1, References: 3
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2021-14518

Malware in sbrugna...

7.5 CVSS, 7.6 AI score, 0.00773 EPSS
Exploits: 0, References: 2
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2014-4733

Malware in sbrugna...

3.5 CVSS, 5.4 AI score, 0.01598 EPSS
Exploits: 0, References: 6
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2017-8101

Malware in sbrugna...

9.8 CVSS, 8.5 AI score, 0.04452 EPSS
Exploits: 0, References: 7
EUVD
added 2025/10/07 12:30 a.m., 7 views

EUVD-2008-0638

Malware in sbrugna...

7.8 CVSS, 6.1 AI score, 0.0343 EPSS
Exploits: 0, References: 20
EUVD
added 2025/10/07 12:30 a.m., 10 views

EUVD-2017-12327

Malware in sbrugna...

9.8 CVSS, 9.5 AI score, 0.0368 EPSS
Exploits: 2, References: 5
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2014-3111

Malware in sbrugna...

5 CVSS, 6.4 AI score, 0.02374 EPSS
Exploits: 0, References: 5
EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2017-12329

Malware in sbrugna...

9.8 CVSS, 9.5 AI score, 0.03999 EPSS
Exploits: 2, References: 5
EUVD
added 2025/10/03 8:07 p.m., 4 views

EUVD-2023-46591

Malicious code in bioql PyPI...

5.5 CVSS, 4.7 AI score, 0.00195 EPSS
Exploits: 0, References: 2
EUVD
added 2025/10/03 8:07 p.m., 2 views

EUVD-2022-0349

Malicious code in bioql PyPI...

7.5 CVSS, 6 AI score, 0.01369 EPSS
Exploits: 0, References: 7
Tenable Nessus
added 2025/08/11 12:00 a.m., 6 views

Linux Distros Unpatched Vulnerability : CVE-2014-5265

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and 7.x before 7.31, permits entity declarations without consideri...

5 CVSS, 6.9 AI score, 0.03089 EPSS
Exploits: 0, References: 2