19 matches found
EUVD-2023-31863
Malicious code in bioql PyPI...
EUVD-2023-31861
Malicious code in bioql PyPI...
EUVD-2023-31862
Malicious code in bioql PyPI...
CVE-2023-28150
An issue was discovered in Independentsoft JODF before 1.1.110. The API is prone to XML external entity XXE injection via a remote DTD in a DOCX file...
CVE-2023-28151
An issue was discovered in Independentsoft JSpreadsheet before 1.1.110. The API is prone to XML external entity XXE injection via a remote DTD in a DOCX file...
CVE-2023-28150
An issue was discovered in Independentsoft JODF before 1.1.110. The API is prone to XML external entity XXE injection via a remote DTD in a DOCX file...
Xxe
An issue was discovered in Independentsoft JODF before 1.1.110. The API is prone to XML external entity XXE injection via a remote DTD in a DOCX file...
CVE-2023-28151
An issue was discovered in Independentsoft JSpreadsheet before 1.1.110. The API is prone to XML external entity XXE injection via a remote DTD in a DOCX file...
CVE-2023-28152
An issue was discovered in Independentsoft JWord before 1.1.110. The API is prone to XML external entity XXE injection via a remote DTD in a DOCX file...
CVE-2023-28152
An issue was discovered in Independentsoft JWord before 1.1.110. The API is prone to XML external entity XXE injection via a remote DTD in a DOCX file...
CVE-2023-28152
An issue was discovered in Independentsoft JWord before 1.1.110. The API is prone to XML external entity XXE injection via a remote DTD in a DOCX file...
CVE-2023-28151
An issue was discovered in Independentsoft JSpreadsheet before 1.1.110. The API is prone to XML external entity XXE injection via a remote DTD in a DOCX file...
PT-2023-21597 · Independentsoft · Jspreadsheet
Name of the Vulnerable Software and Affected Versions: Independentsoft JSpreadsheet versions prior to 1.1.110 Description: An issue was discovered in the API, which is prone to XML external entity XXE injection via a remote DTD in a DOCX file. Recommendations: For versions prior to 1.1.110, updat...
Independentsoft JODF 代码问题漏洞
Independentsoft JODF is an open document format API for Java and Android from Independentsoft, Germany. A security vulnerability exists in Independentsoft JODF versions prior to 1.1.110, which stems from the API's susceptibility to XML External Entity XXE injection via a remote DTD in a DOCX file...
Independentsoft JWord 代码问题漏洞
Independentsoft JWord is a Microsoft Word-compatible API for Java and Android from Independentsoft, Germany. A security vulnerability exists in Independentsoft JWord versions prior to 1.1.110, which stems from the API's susceptibility to XML External Entity XXE injection via a remote DTD in a DOC...
CVE-2023-28151
CVE-2023-28151 affects Independentsoft JSpreadsheet before 1.1.110. The issue is an XML External Entity (XXE) injection via a remote DTD in a DOCX file, arising from the API behavior. Public detail confirms the vulnerable component as JSpreadsheet’s API and the root cause as XXE in DOCX processin...
CVE-2023-28150
Independentsoft JODF (Java/Android) before 1.1.110 is affected by a XML External Entity (XXE) injection in DOCX processing via a remote DTD. The root cause is XXE handling in the API’s XML parsing, enabling potential disclosure or manipulation consistent with XXE risks. CVSS metrics in the CVE en...
CVE-2023-28150
An issue was discovered in Independentsoft JODF before 1.1.110. The API is prone to XML external entity XXE injection via a remote DTD in a DOCX file...
CVE-2023-28152
Independentsoft JWord before 1.1.110 is affected by an XML External Entity (XXE) injection via a remote DTD in a DOCX file. The.Root cause is an XXE vulnerability in the API that parses DOCX content, enabling unauthorized data access or manipulation. Impact in the NVD listing shows high severity ...