GHSA-J9RH-P96M-MHHP jOpenDocument has an improper restriction of XML external entity reference vulnerability

Improper restriction of XML external entity reference vulnerability in ILM Informatique jOpenDocument allows Data Serialization External Entities Blowup. This issue affects jOpenDocument: 1.5...

RTI Connext Professional 代码问题漏洞

RTI Connext Professional is a connectivity platform developed by RTI Corporation in the United States, designed to meet the demanding requirements of Industrial Internet of Things IIoT. There is a code vulnerability in RTI Connext Professional, which stems from improper restrictions on XML extern...

DEBIAN-CVE-2026-6732

A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that...

CVE-2026-6732 Libxml2: libxml2: denial of service via crafted xsd-validated document

A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that...

Denial-Of-Service (DoS)

libxmljs is vulnerable to a segmentation fault leading to denial-of-service DoS. The vulnerability is due to improper handling of the internal ref property in entityref and entitydecl nodes when parsing specially crafted XML documents, which allows an attacker to trigger a crash by supplying...

Apache Syncope Code Issue Vulnerability

Apache Syncope is the United States Apache Apache Foundation's set of open source digital identity management system for use in enterprise environments. The system supports identity management, role configuration and more. Apache Syncope there is a code problem vulnerability , the vulnerability...

Apache SIS 安全漏洞

Apache SIS is an open source library for spatial information from the Apache Foundation. A security vulnerability exists in Apache SIS versions 0.4 through 1.5, which stems from an improperly restricted XML external entity reference that could result in reading a server-local file...

uzy-ssm-mall 安全漏洞

uzy-ssm-mall yuzu cloud e-commerce is an SSM framework by ghostxbh individual developer for building e-commerce, bookstore malls, customer management, and so on. A security vulnerability exists in uzy-ssm-mall version 1.1.0, which stems from the presence of XML external entity references in the...

EUVD-2017-12329

Malware in sbrugna...

EUVD-2021-14518

Malware in sbrugna...

EUVD-2017-12327

Malware in sbrugna...

EUVD-2014-3111

Malware in sbrugna...

EUVD-2014-4733

Malware in sbrugna...

EUVD-2017-8101

Malware in sbrugna...

EUVD-2008-0638

Malware in sbrugna...

EUVD-2022-0349

Malicious code in bioql PyPI...

EUVD-2023-46591

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2014-5265

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Incutio XML-RPC IXR Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and 7.x before 7.31, permits entity declarations without consideri...

Adobe Experience Manager 代码问题漏洞

Adobe Experience Manager is a content management solution from Adobe designed to help organizations efficiently create, manage and deliver cross-channel content while integrating business solutions to enhance the customer experience. Adobe Experience Manager suffers from an XML entity injection...

Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

Overview llama-index-readers-stripe-docs is a llama-index readers stripedocs integration Affected versions of this package are vulnerable to Improper Restriction of Recursive Entity References in DTDs 'XML Entity Expansion' via the parsesitemap function. An attacker can exhaust system memory and...