19 matches found
EUVD-2023-31863
Malicious code in bioql PyPI...
EUVD-2023-31862
Malicious code in bioql PyPI...
EUVD-2023-31861
Malicious code in bioql PyPI...
CVE-2023-28150
An issue was discovered in Independentsoft JODF before 1.1.110. The API is prone to XML external entity XXE injection via a remote DTD in a DOCX file...
CVE-2023-28151
An issue was discovered in Independentsoft JSpreadsheet before 1.1.110. The API is prone to XML external entity XXE injection via a remote DTD in a DOCX file...
CVE-2023-28150
An issue was discovered in Independentsoft JODF before 1.1.110. The API is prone to XML external entity XXE injection via a remote DTD in a DOCX file...
Xxe
An issue was discovered in Independentsoft JODF before 1.1.110. The API is prone to XML external entity XXE injection via a remote DTD in a DOCX file...
CVE-2023-28151
An issue was discovered in Independentsoft JSpreadsheet before 1.1.110. The API is prone to XML external entity XXE injection via a remote DTD in a DOCX file...
CVE-2023-28152
An issue was discovered in Independentsoft JWord before 1.1.110. The API is prone to XML external entity XXE injection via a remote DTD in a DOCX file...
CVE-2023-28152
An issue was discovered in Independentsoft JWord before 1.1.110. The API is prone to XML external entity XXE injection via a remote DTD in a DOCX file...
CVE-2023-28151
CVE-2023-28151 affects Independentsoft JSpreadsheet before 1.1.110. The issue is an XML External Entity (XXE) injection via a remote DTD in a DOCX file, arising from the API behavior. Public detail confirms the vulnerable component as JSpreadsheet’s API and the root cause as XXE in DOCX processin...
Independentsoft JODF 代码问题漏洞
Independentsoft JODF is an open document format API for Java and Android from Independentsoft, Germany. A security vulnerability exists in Independentsoft JODF versions prior to 1.1.110, which stems from the API's susceptibility to XML External Entity XXE injection via a remote DTD in a DOCX file...
CVE-2023-28150
An issue was discovered in Independentsoft JODF before 1.1.110. The API is prone to XML external entity XXE injection via a remote DTD in a DOCX file...
CVE-2023-28152
An issue was discovered in Independentsoft JWord before 1.1.110. The API is prone to XML external entity XXE injection via a remote DTD in a DOCX file...
CVE-2023-28152
Independentsoft JWord before 1.1.110 is affected by an XML External Entity (XXE) injection via a remote DTD in a DOCX file. The.Root cause is an XXE vulnerability in the API that parses DOCX content, enabling unauthorized data access or manipulation. Impact in the NVD listing shows high severity ...
CVE-2023-28151
An issue was discovered in Independentsoft JSpreadsheet before 1.1.110. The API is prone to XML external entity XXE injection via a remote DTD in a DOCX file...
CVE-2023-28150
Independentsoft JODF (Java/Android) before 1.1.110 is affected by a XML External Entity (XXE) injection in DOCX processing via a remote DTD. The root cause is XXE handling in the API’s XML parsing, enabling potential disclosure or manipulation consistent with XXE risks. CVSS metrics in the CVE en...
Independentsoft JWord 代码问题漏洞
Independentsoft JWord is a Microsoft Word-compatible API for Java and Android from Independentsoft, Germany. A security vulnerability exists in Independentsoft JWord versions prior to 1.1.110, which stems from the API's susceptibility to XML External Entity XXE injection via a remote DTD in a DOC...
PT-2023-21597 · Independentsoft · Jspreadsheet
Name of the Vulnerable Software and Affected Versions: Independentsoft JSpreadsheet versions prior to 1.1.110 Description: An issue was discovered in the API, which is prone to XML external entity XXE injection via a remote DTD in a DOCX file. Recommendations: For versions prior to 1.1.110, updat...