
45 matches found

OSV
added 2026/05/04 3:31 p.m. | 2 views

GHSA-J9RH-P96M-MHHP jOpenDocument has an improper restriction of XML external entity reference vulnerability

Improper restriction of XML external entity reference vulnerability in ILM Informatique jOpenDocument allows Data Serialization External Entities Blowup. This issue affects jOpenDocument: 1.5...

CVSS 5.3 | AI score 5.8 | EPSS 0.00063
Exploits: 0 | References: 2

CNNVD
added 2026/04/30 12:0 a.m. | 4 views

RTI Connext Professional Code Issue Vulnerability

RTI Connext Professional is a connectivity platform developed by RTI Corporation in the United States, designed to meet the demanding requirements of Industrial Internet of Things IIoT. There is a code vulnerability in RTI Connext Professional, which stems from improper restrictions on XML extern...

CVSS 9.1 | AI score 5.9 | EPSS 0.00036
Exploits: 0 | References: 1

CNVD
added 2026/02/10 12:0 a.m. | 1 views

Apache Syncope Code Issue Vulnerability

Apache Syncope is an open source digital identity management system from the Apache Foundation (United States) for use in enterprise environments. The system supports identity management, role configuration and more. Apache Syncope has a code issue vulnerability; the vulnerability...

CVSS 4.9 | AI score 6.1 | EPSS 0.00101
Exploits: 0 | References: 1

CNNVD
added 2026/01/05 12:0 a.m. | 5 views

Apache SIS Security Vulnerability

Apache SIS is an open source library for spatial information from the Apache Foundation. A security vulnerability exists in Apache SIS versions 0.4 through 1.5, which stems from an improperly restricted XML external entity reference that could result in reading a server-local file...

CVSS 6.5 | AI score 6.4 | EPSS 0.00025
Exploits: 0 | References: 4

CNNVD
added 2025/10/08 12:0 a.m. | 1 views

uzy-ssm-mall Security Vulnerability

uzy-ssm-mall (yuzu cloud e-commerce) is an SSM framework by individual developer ghostxbh for building e-commerce sites, bookstore malls, customer management, and so on. A security vulnerability exists in uzy-ssm-mall version 1.1.0, which stems from the presence of XML external entity references in the...

CVSS 6.5 | AI score 7 | EPSS 0.00083
Exploits: 1 | References: 3

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2017-12329

Malware in sbrugna...

CVSS 9.8 | AI score 9.5 | EPSS 0.01706
Exploits: 2 | References: 5

EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2017-12327

Malware in sbrugna...

CVSS 9.8 | AI score 9.5 | EPSS 0.01456
Exploits: 2 | References: 5

EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2021-14518

Malware in sbrugna...

CVSS 7.5 | AI score 7.6 | EPSS 0.003
Exploits: 0 | References: 2

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2008-0638

Malware in sbrugna...

CVSS 7.8 | AI score 6.1 | EPSS 0.06778
Exploits: 0 | References: 20

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2023-46591

Malicious code in bioql PyPI...

CVSS 5.5 | AI score 4.7 | EPSS 0.00028
Exploits: 0 | References: 2

CNNVD
added 2025/08/05 12:0 a.m. | 2 views

Adobe Experience Manager Code Issue Vulnerability

Adobe Experience Manager is a content management solution from Adobe designed to help organizations efficiently create, manage and deliver cross-channel content while integrating business solutions to enhance the customer experience. Adobe Experience Manager suffers from an XML entity injection...

CVSS 8.6 | AI score 8.5 | EPSS 0.00985
Exploits: 2 | References: 2

RedhatCVE
added 2025/05/23 4:58 a.m. | 7 views

CVE-2023-6194

In Eclipse Memory Analyzer versions 0.7 to 1.14.0, report definition XML files are not filtered to prohibit document type definition DTD references to external entities. This means that if a user chooses to use a malicious report definition XML file containing an external entity reference to...

CVSS 7.1 | AI score 6.8 | EPSS 0.0004
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/23 4:19 a.m. | 3 views

CVE-2023-42132

FD Application Apr. 2022 Edition Version 9.01 and earlier improperly restricts XML external entity references XXE. By processing a specially crafted XML file, arbitrary files on the system may be read by an attacker...

CVSS 5.5 | AI score 7 | EPSS 0.00028
Exploits: 0

CNNVD
added 2024/11/05 12:0 a.m. | 1 views

HAPI FHIR Security Vulnerability

HAPI FHIR is an open source HL7 FHIR API written in Java. A security vulnerability exists in HAPI FHIR versions prior to v6.4.0 that stems from the presence of an external entity reference that allows an attacker to access sensitive information or execute arbitrary code by providing...

CVSS 9.8 | AI score 9 | EPSS 0.07937
Exploits: 1 | References: 2

OSV
added 2024/08/08 12:15 a.m. | 1 views

CVE-2024-6893

The "soapcgi.pyc" API handler allows the XML body of SOAP requests to contain references to external entities. This allows an unauthenticated attacker to read local files, perform server-side request forgery, and overwhelm the web server resources...

CVSS 7.5 | AI score 5.8
Exploits: 0 | References: 2

CNNVD
added 2024/03/22 12:0 a.m. | 3 views

Easyadmin Code Issue Vulnerability

Easyadmin is a simple, lightweight backend management system scaffold by individual developer laker. A code issue vulnerability exists in EasyAdmin version 20240315 and prior versions. An attacker can exploit the vulnerability to cause XML external entity references...

CVSS 8.8 | AI score 6.5 | EPSS 0.00082
Exploits: 1 | References: 5

Prion
added 2024/01/24 2:15 a.m. | 13 views

Xxe

Electronic Deliverables Creation Support Tool Construction Edition prior to Ver1.0.4 and Electronic Deliverables Creation Support Tool Design & Survey Edition prior to Ver1.0.4 improperly restrict XML external entity references XXE. By processing a specially crafted XML file, arbitrary files on t...

CVSS 1.9 | AI score 7.1 | EPSS 0.00021
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2024/01/24 1:32 a.m. | 13 views

CVE-2024-22380

Electronic Delivery Check System Ministry of Agriculture, Forestry and Fisheries The Agriculture and Rural Development Project Version March, Heisei 31 era edition Ver.14.0.001.002 and earlier improperly restricts XML external entity references XXE. By processing a specially crafted XML file,...

AI score 5.8 | EPSS 0.00033
Exploits: 0 | References: 2

Vulnrichment
added 2024/01/24 1:32 a.m. | 10 views

CVE-2024-22380

Electronic Delivery Check System Ministry of Agriculture, Forestry and Fisheries The Agriculture and Rural Development Project Version March, Heisei 31 era edition Ver.14.0.001.002 and earlier improperly restricts XML external entity references XXE. By processing a specially crafted XML file,...

AI score 7.2 | EPSS 0.00033
Exploits: 0 | References: 2

Japan Vulnerability Notes
added 2024/01/23 12:0 a.m. | 17 views

JVN#01434915: Improper restriction of XML external entity references (XXE) in "Electronic Delivery Check System (Ministry of Agriculture, Forestry and Fisheries The Agriculture and Rural Development Project Version)"

"Electronic Delivery Check System Ministry of Agriculture, Forestry and Fisheries The Agriculture and Rural Development Project Version" provided by Ministry of Agriculture, Forestry and Fisheries improperly restricts XML external entity references XXE CWE-611. Impact Processing a specially craft...

CVSS 5.5 | AI score 5.3 | EPSS 0.00033
Exploits: 0