CVE-2025-54967

An issue was discovered in BAE SOCET GXP before 4.6.0.3. It permits external entities in certain XML-based files. An attacker who is able to social engineer a SOCET GXP user into opening a malicious file can trigger a variety of outbound requests, potentially compromising sensitive information in...

EUVD-2025-36213

An issue was discovered in BAE SOCET GXP before 4.6.0.3. It permits external entities in certain XML-based files. An attacker who is able to social engineer a SOCET GXP user into opening a malicious file can trigger a variety of outbound requests, potentially compromising sensitive information in...

Exploit for Improper Restriction of XML External Entity Reference in Jetbrains Ktor

Ktor XML XXE Vulnerability Reproduction CVE-2023-45612 Re...

EUVD-2025-35162

Zohocorp ManageEngine EndPoint Central versions 11.4.2516.1 and prior are vulnerable to XML Injection...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987643)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987643 advisory. In the Linux kernel, the following vulnerability has been resolved: efi: runtime: avoid EFIv2 runtime services on Apple x86 machines Aditya reports 0 that his recent...

CVE-2025-33182

NVIDIA Jetson Linux contains a vulnerability in UEFI, where improper authentication may allow a privileged user to cause corruption of the Linux Device Tree. A successful exploitation of this vulnerability might lead to data tampering, denial of service...

SUSE-SU-2025:03537-1 Security update for expat

This update for expat fixes the following issues: - CVE-2025-59375: memory amplification vulnerability allows attackers to trigger excessive dynamic memory allocations by submitting crafted XML input bsc1249584...

rexml: REXML: Denial of Service via inefficient regex parsing

A flaw was found in REXML. A remote attacker could exploit inefficient regular expression regex parsing when processing hex numeric character references &x...; in XML documents. This could lead to a Regular Expression Denial of Service ReDoS, impacting the availability of the affected component...

EUVD-2025-33165

An XML External Entity XXE vulnerability in the /mall/wxpay/pay component of uzy-ssm-mall v1.1.0 allows attackers to execute arbitrary code via supplying crafted XML data...

EUVD-2009-2306

Malware in sbrugna...

EUVD-2008-1123

Malware in sbrugna...

EUVD-2007-5623

Malware in sbrugna...

EUVD-2015-6310

Malware in sbrugna...

EUVD-2008-2817

Malware in sbrugna...

EUVD-2012-3879

Malware in sbrugna...

EUVD-2020-3481

Malware in sbrugna...

Unity Linux 20.1070a Security Update: microcode_ctl (UTSA-2025-984695)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-984695 advisory. Improper input validation in UEFI firmware for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via local access...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987171)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987171 advisory. In the Linux kernel, the following vulnerability has been resolved: gsmi: fix null-deref in gsmigetvariable We can get EFI variables without fetching the attribute, ...

Unity Linux 20.1070a Security Update: microcode_ctl (UTSA-2025-984678)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-984678 advisory. Improper input validation in UEFI firmware for some IntelR processors may allow a privileged user to potentially enable escalation of privilege via local access...

RockyLinux 10 : expat (RLSA-2025:7512)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:7512 advisory. libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat CVE-2024-8176 Tenable has extracted the preceding description block directly from...