ILM Informatique jOpenDocument 代码问题漏洞

ILM Informatique jOpenDocument is a document processing library developed by the French company ILM Informatique. Version 1.5 of ILM Informatique jOpenDocument contains a code vulnerability caused by improper restrictions on XML external entity references. This vulnerability may lead to an...

Adobe ColdFusion 代码问题漏洞

Adobe ColdFusion is a dynamic Web server platform maintained by Adobe. Adobe ColdFusion suffers from a code issue vulnerability that arises from improperly restricting XML external entity references, which can be exploited by an attacker to submit a special request, obtain sensitive information o...

The vulnerability of the task and project management service WEEEK lies in the improper restriction on recursive references to entities in the DTD. This allows a violator to trigger a service failure.

The vulnerability of the WEEEK task and project management service is related to improper restrictions on recursive references to entities in the DTD. Exploiting this vulnerability could allow a malicious actor to cause service failures...

The vulnerability of the libexpat library for analyzing XML files stems from improper restrictions on links to external XML entities, allowing attackers to execute arbitrary code.

The vulnerability of the libexpat library for analyzing XML files is related to improper restrictions on links to external XML entities. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

The vulnerability of the XML syntax analyzer library libexpat lies in the improper limitation on XML references to external objects, which allows attackers to trigger a service failure.

The vulnerability of the XML syntax analyzer library libexpat is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability could allow a malicious actor to cause service failures by sending specially created XML code remotely...

Xxe

FD Application Apr. 2022 Edition Version 9.01 and earlier improperly restricts XML external entity references XXE. By processing a specially crafted XML file, arbitrary files on the system may be read by an attacker...

PT-2022-24146 · Hewlett Packard · Arubaos

Name of the Vulnerable Software and Affected Versions: ArubaOS affected versions not specified Description: The issue is due to improper restrictions on XML entities, which leads to multiple vulnerabilities in the command line interface. A successful exploit could allow an authenticated attacker ...

McAfee DLP Endpoint 代码问题漏洞

McAfee DLP Endpoint is a Data Loss Prevention DLP endpoint from McAfee, Inc. Protects against theft and accidental disclosure of confidential data. A code issue vulnerability exists in McAfee DLP Endpoint versions 11.9.100 and 11.6.600, which stems from an improper restriction of the XML External...

The vulnerability of the VMware Tools utility set for Windows operating systems allows attackers to execute XXE attacks.

The vulnerability of the VMware Tools utility set for Windows operating systems is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability could allow attackers to execute XXE attacks...

The vulnerability of the JDBC driver (PgJDBC) for connecting Java programs to the PostgreSQL database allows attackers to perform XXE attacks.

The vulnerability of the JDBC driver PgJDBC for connecting Java programs to the PostgreSQL database is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability allows a remote attacker to perform XXE attacks...

Stanford CoreNlp 代码问题漏洞

Stanford CoreNlp is a set of open source, natural language analysis tools written in Java by the Stanford Nlp Group team in the U.S. A security vulnerability exists in Stanford Nlp Group, which stems from improper XML external entity reference restrictions. No details of the vulnerability are...

The vulnerability in the implementation of the new org.dom4j.io.SAXReader() function of the library for working with XML, XPath, and XSLT in dom4j allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the new org.dom4j.io.SAXReader method in the library for working with XML, XPath, and XSLT is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to...

Wecon LeviStudioU Information Disclosure Vulnerability

Wecon LeviStudioU is a set of HMI programming software from Wecon Technologies, China. A security vulnerability exists in the handling of project files in Wecon LeviStudioU, which stems from an improper restriction of references to XML external entities. The vulnerability can be exploited by a...