Lucene search
+L

356 matches found

RedHat Linux
RedHat Linux
added 2016/01/14 6:34 p.m.34 views

Moderate: Red Hat Security Advisory: Red Hat JBoss BRMS 6.1.5 update

Red Hat JBoss BRMS 6.1.5, which fixes one security issue, several bugs, and adds various enhancements, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which...

6.4CVSS7.2AI score0.16564EPSS
Exploits1References3
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/12/01 6:59 a.m.4 views

XML External Entity (XXE) Vulnerability in Hitachi Command Suite

Overview XML External Entity XXE Vulnerability exists in Hitachi Command Suite. Impact Malicious attacker might exploit this vulnerability to disclose arbitrary files. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...

5CVSS7AI score
Exploits0References2
NVD
NVD
added 2015/11/25 8:59 p.m.18 views

CVE-2015-5319

XML external entity XXE vulnerability in the create-job CLI command in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to read arbitrary files via a crafted job configuration that is then used in an "XML-aware tool," as demonstrated by get-job and update-job...

5CVSS6.4AI score0.02291EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2015/10/30 9:33 a.m.24 views

CVE-2005-1306

The Adobe Reader control in Adobe Reader and Acrobat 7.0 and 7.0.1 allows remote attackers to determine the existence of files via Javascript containing XML script, aka the "XML External Entity vulnerability."...

7.5CVSS7.2AI score0.14528EPSS
Exploits1References2
CNVD
CNVD
added 2015/06/29 12:0 a.m.3 views

SAP Mobile Platform XML External Entity Information Disclosure Vulnerability

SAP Mobile Platform SMP is a mobile application development platform from SAP. The platform is used to build packaged and customized development applications for any device. A security vulnerability exists in the SAP Mobile Platform XML external entity. This vulnerability could be exploited by an...

6.6AI score
Exploits0References1
CNVD
CNVD
added 2015/06/26 12:0 a.m.5 views

SAP Mobile Platform External Entity Vulnerability

SAP Mobile Platform SMP is a mobile application development platform from SAP. The platform is used to build packaged and customized development applications for any device. An external entity vulnerability exists in SAP Mobile Platform. A remote attacker can exploit this vulnerability by sending...

7.5CVSS6.9AI score0.02885EPSS
Exploits1References1
CNVD
CNVD
added 2015/02/06 12:0 a.m.5 views

Ektron CMS XML External Entity Injection Vulnerability

Ektron CMS is a content management system. An injection vulnerability exists in the Ektron CMS XML external entity due to the application failing to properly filter user-supplied input before dynamically generating content. An attacker could exploit this vulnerability to execute arbitrary code...

6.8CVSS8.1AI score0.02441EPSS
Exploits0References1
Prion
Prion
added 2014/12/10 3:59 p.m.21 views

Xxe

XML external entity XXE vulnerability in Scalix Web Access 11.4.6.12377 and 12.2.0.14697 allows remote attackers to read arbitrary files and trigger requests to intranet servers via a crafted request...

6.4CVSS7.1AI score0.01419EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2014/09/04 5:55 p.m.4 views

DEBIAN-CVE-2014-3529

The OPC SAX setup in Apache POI before 3.10.1 allows remote attackers to read arbitrary files via an OpenXML file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue...

4.3CVSS7.1AI score0.13258EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/06/12 2:43 a.m.3 views

Xml eXternal Entity Vulnerability in XML link function of Hitachi COBOL2002

Overview XML link function of Hitachi COBOL2002 contains vulnerabilities to conduct information leakage or cause a denial of service DoS condition. Impact A remote attacker could conduct information leakage or cause a denial of service DoS condition via untrusted XML document loading unexpected...

4CVSS6.9AI score
Exploits0References2
OSV
OSV
added 2014/01/26 1:55 a.m.5 views

UBUNTU-CVE-2014-1626

XML External Entity XXE vulnerability in MARC::File::XML module before 1.0.2 for Perl, as used in Evergreen, Koha, perl4lib, and possibly other products, allows context-dependent attackers to read arbitrary files via a crafted XML file...

5CVSS5.9AI score0.01542EPSS
Exploits0References3
OSV
OSV
added 2013/12/07 8:55 p.m.3 views

DEBIAN-CVE-2013-6408

The DocumentAnalysisRequestHandler in Apache Solr before 4.3.1 does not properly use the EmptyEntityResolver, which allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Enti...

6.4CVSS6.9AI score0.114EPSS
Exploits0References1
OSV
OSV
added 2013/04/25 11:55 p.m.8 views

CVE-2013-1915

ModSecurity before 2.7.3 allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service CPU and memory consumption via an XML external entity declaration in conjunction with an entity reference, aka an XML External Entity XXE vulnerability...

6.6AI score
Exploits0References23
Cvelist
Cvelist
added 2012/10/31 4:0 p.m.21 views

CVE-2012-4499

The contact formatter page in the Email Field module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to email the stored address in the entity via unspecified vectors...

6.5AI score0.01332EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2012/04/02 8:5 p.m.4 views

RESTEasy: XML eXternal Entity (XXE) flaw

RESTEasy before 2.3.1 allows remote attackers to read arbitrary files via an external entity reference in a DOM document, aka an XML external entity XXE injection attack...

5CVSS7.5AI score0.03213EPSS
Exploits0References4
Cvelist
Cvelist
added 2005/06/15 4:0 a.m.38 views

CVE-2005-1306

The Adobe Reader control in Adobe Reader and Acrobat 7.0 and 7.0.1 allows remote attackers to determine the existence of files via Javascript containing XML script, aka the "XML External Entity vulnerability."...

7.4AI score0.14528EPSS
Exploits1References2
Rows per page
Query Builder