Lucene search
K

354 matches found

CISA KEV Catalog
CISA KEV Catalog
added 2025/12/11 12:0 a.m.13 views

OSGeo GeoServer Improper Restriction of XML External Entity Reference Vulnerability

OSGeo GeoServer contains an improper restriction of XML external entity reference vulnerability that occurs when the application accepts XML input through a specific endpoint /geoserver/wms operation GetMap and could allow an attacker to define external entities within the XML request...

9.8CVSS6.8AI score0.67357EPSS
In wildExploits4
OSV
OSV
added 2025/12/10 12:16 a.m.5 views

CVE-2025-61823

ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Restriction of XML External Entity Reference 'XXE' vulnerability that could lead to arbitrary file system read. A high privileged attacker could exploit this vulnerability to access sensitive files and data on th...

6.2CVSS5.9AI score0.00429EPSS
Exploits0References1
NVD
NVD
added 2025/12/10 12:16 a.m.12 views

CVE-2025-61823

ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Restriction of XML External Entity Reference 'XXE' vulnerability that could lead to arbitrary file system read. A high privileged attacker could exploit this vulnerability to access sensitive files and data on th...

6.2CVSS0.00429EPSS
Exploits0References1
OSV
OSV
added 2025/12/10 12:16 a.m.5 views

CVE-2025-61821

ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Restriction of XML External Entity Reference 'XXE' vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files and data on the server...

8.6CVSS5.9AI score0.00468EPSS
Exploits0References1
NVD
NVD
added 2025/12/10 12:16 a.m.10 views

CVE-2025-61813

ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Restriction of XML External Entity Reference 'XXE' vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files on the server. Exploitation o...

8.2CVSS0.00474EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/12/04 6:3 p.m.7 views

org.eclipse.jgit: XXE vulnerability in Eclipse JGit

A flaw was found in Eclipse JGit. This vulnerability can allow information disclosure, denial of service, and other security issues when parsing XML files...

6.8CVSS5.7AI score0.0104EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2025/11/26 5:2 p.m.5 views

org.eclipse.jgit: XXE vulnerability in Eclipse JGit

A flaw was found in Eclipse JGit. This vulnerability can allow information disclosure, denial of service, and other security issues when parsing XML files...

6.8CVSS5.7AI score0.0104EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2025/11/26 4:59 p.m.5 views

org.eclipse.jgit: XXE vulnerability in Eclipse JGit

A flaw was found in Eclipse JGit. This vulnerability can allow information disclosure, denial of service, and other security issues when parsing XML files...

6.8CVSS5.7AI score0.0104EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2025/11/26 4:59 p.m.6 views

org.eclipse.jgit: XXE vulnerability in Eclipse JGit

A flaw was found in Eclipse JGit. This vulnerability can allow information disclosure, denial of service, and other security issues when parsing XML files...

6.8CVSS5.7AI score0.0104EPSS
Exploits1References7
Github Security Blog
Github Security Blog
added 2025/11/05 6:31 p.m.9 views

WSO2 Carbon Mediation vulnerable to XML External Entity (XXE) attacks

An XML External Entity XXE vulnerability exists in multiple WSO2 products due to improper configuration of the XML parser. The application parses user-supplied XML without applying sufficient restrictions, allowing resolution of external entities. A successful attack could enable a remote,...

9.1CVSS6.8AI score0.00415EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2025/11/05 6:15 p.m.3 views

CVE-2025-10713

An XML External Entity XXE vulnerability exists in multiple WSO2 products due to improper configuration of the XML parser. The application parses user-supplied XML without applying sufficient restrictions, allowing resolution of external entities. A successful attack could enable a remote,...

9.1CVSS6.8AI score
Exploits0References1
EUVD
EUVD
added 2025/10/27 12:0 a.m.4 views

EUVD-2025-36213

An issue was discovered in BAE SOCET GXP before 4.6.0.3. It permits external entities in certain XML-based files. An attacker who is able to social engineer a SOCET GXP user into opening a malicious file can trigger a variety of outbound requests, potentially compromising sensitive information in...

6AI score0.00331EPSS
Exploits0References3
OSV
OSV
added 2025/10/24 2:15 p.m.4 views

CVE-2025-46425

Dell Storage Center - Dell Storage Manager, versions 20.1.20, contains an Improper Restriction of XML External Entity Reference vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access...

6.5CVSS5.8AI score0.00297EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/10/14 5:59 p.m.4 views

org.eclipse.jgit: XXE vulnerability in Eclipse JGit

A flaw was found in Eclipse JGit. This vulnerability can allow information disclosure, denial of service, and other security issues when parsing XML files...

6.8CVSS7.1AI score0.0104EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2018-18245

Malware in sbrugna...

9.8CVSS9.5AI score0.01262EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-0069

Malware in sbrugna...

9.1CVSS9.1AI score0.0129EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-5020

Malware in sbrugna...

9CVSS8.8AI score0.05264EPSS
Exploits2References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2015-3665

Malware in sbrugna...

6.4CVSS6.1AI score0.1576EPSS
Exploits5References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2016-7783

Malware in sbrugna...

6.6CVSS6.6AI score0.00826EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-0819

Malware in sbrugna...

10CVSS9AI score0.01873EPSS
Exploits0References5
Rows per page
Query Builder