
7 matches found

OSV
added 2026/03/31 9:5 p.m., 1 view

CVE-2026-34401 XML Notepad: XML External Entity (XXE) Injection via Unsafe XmlTextReader in XML Diff and Schema Loading

XML Notepad is a Windows program that provides a simple, intuitive user interface for browsing and editing XML documents. Prior to version 2.9.0.21, XML Notepad does not disable DTD processing by default, which means external entities are resolved automatically. There is a well-known attack related...

CVSS: 6.5, AI score: 5.7, EPSS: 0.00329, Exploits: 0, References: 6
EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2025-0146

Malicious code in bioql PyPI...

CVSS: 8.6, AI score: 6.4, EPSS: 0.00033, Exploits: 0, References: 5
Cvelist
added 2025/01/24 6:34 p.m., 23 views

CVE-2024-52807 XXE vulnerability in XSLT parsing in `org.hl7.fhir.publisher`

The HL7 FHIR IG publisher is a tool to take a set of inputs and create a standard FHIR IG. Prior to version 1.7.4, XSLT transforms performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from...

CVSS: 8.6, EPSS: 0.00033, Exploits: 0, References: 3
Veracode
added 2024/12/26 9:31 a.m., 6 views

XML External Entity (XXE) Injection

org.fhir, ucum is vulnerable to XML External Entity (XXE) Injection. The vulnerability is due to XML parsing performed by the UcumEssenceService, which allows a malicious DTD tag in the XML to inject data from the host system...

CVSS: 8.6, AI score: 6.5, EPSS: 0.00153, Exploits: 0, References: 3, Affected Software: 1
Github Security Blog
added 2024/12/13 8:35 p.m., 12 views

Ucum-java has an XXE vulnerability in XML parsing

Impact: XML parsing performed by the UcumEssenceService is vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This impacts use cases where ucum is being used within a host where external clients can...

CVSS: 8.6, AI score: 6.7, EPSS: 0.00153, Exploits: 0, References: 3, Affected Software: 1
OSV
added 2024/11/08 6:49 p.m., 10 views

GHSA-GR3C-Q7XF-47VH XXE vulnerability in XSLT parsing in `org.hl7.fhir.core`

Summary: XSLT parsing performed by various components is vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This impacts use cases where org.hl7.fhir.core is being used within a host where external...

CVSS: 8.6, AI score: 8.2, EPSS: 0.00325, Exploits: 0, References: 8
CNNVD
added 2022/05/24 12:0 a.m., 2 views

Morpheus Data Morpheus Code Issue Vulnerability

Morpheus Data Morpheus is a powerful self-service engine from Morpheus Data USA, Inc. that delivers enterprise agility, control and efficiency. A security vulnerability exists in Morpheus Data Morpheus version 5.2.16 and version 5.4.x prior to version 5.4.4, which stems from the discovery of an X...

CVSS: 7.5, AI score: 7.4, EPSS: 0.00357, Exploits: 0, References: 4