8 matches found

RedHat Linux
added 2025/07/29 1:4 p.m. | 2 views

libxml: Type confusion leads to Denial of service (DoS)

A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can cause libxml to crash, resulting in a denial of service or other possible undefined...

9.1 CVSS | 7.1 AI score | 0.01777 EPSS
Exploits: 0 | References: 5
RedhatCVE
added 2025/05/23 6:31 a.m. | 6 views

CVE-2024-51093

Stored Cross-Site Scripting (XSS) vulnerability in Snipe-IT v7.0.13 allows an attacker to upload a malicious XML file containing JavaScript code. This can lead to privilege escalation when the payload is executed, granting the attacker super admin permissions within the Snipe-IT system...

8.7 CVSS | 5.8 AI score | 0.00307 EPSS
Exploits: 0 | References: 1
Packet Storm
added 2025/03/07 12:0 a.m. | 251 views

Cleo LexiCom Harmony 5.8.0.23 CSRF / Command Execution

Cleo LexiCom Harmony version 5.8.0.23 suffers from a remote command execution vulnerability that can be leveraged via a cross site request forgery attack. ...

7.4 AI score
Exploits: 0
GithubExploit
added 2024/05/31 12:38 a.m. | 280 views

Exploit for Deserialization of Untrusted Data in Apache Activemq

Technical Summary of the Attack: CVE-2023-46604 The script exploits a...

10 CVSS | 9.9 AI score | 0.94436 EPSS
Exploits: 31
OSV
added 2022/02/25 12:15 p.m. | 23 views

CVE-2022-24612

An authenticated user can upload an XML file containing an XSS via the ITSM module of EyesOfNetwork 5.3.11, resulting in a stored XSS...

5.4 CVSS | 5.5 AI score
Exploits: 0 | References: 1
Veracode
added 2019/11/20 2:26 a.m. | 22 views

XML External Entities (XXE)

nifi-lookup-services is vulnerable to XML external entities (XXE). The vulnerability exists because the XMLFileLookupService allowed trusted users to use a malicious XML file to cause information such as the versions of Java, Jersey, and Apache to be revealed...

6.5 CVSS | 3.9 AI score | 0.00418 EPSS
Exploits: 0 | References: 7 | Affected Software: 1
Cvelist
added 2019/11/19 9:32 p.m. | 22 views

CVE-2019-10080

The XMLFileLookupService in NiFi versions 1.3.0 to 1.9.2 allowed trusted users to inadvertently configure a potentially malicious XML file. The XML file has the ability to make external calls to services via XXE and reveal information such as the versions of Java, Jersey, and Apache that the NiFI...

6.5 AI score | 0.00418 EPSS
Exploits: 0 | References: 3
CNVD
added 2018/08/24 12:0 a.m. | 3 views

Apache Cayenne CayenneModeler XML External Entity Injection Vulnerability

Apache Cayenne is an open source persistence framework from the Apache Software Foundation (United States) that provides object-relational mapping (ORM) and remote services. CayenneModeler is its graphical user interface. A security vulnerability exists in CayenneModeler in Apache Cayen...

8.1 CVSS | 7.9 AI score | 0.00339 EPSS
Exploits: 0 | References: 1