26 matches found
EUVD-2019-7947
Malware in sbrugna...
EUVD-2019-7946
Malware in sbrugna...
EUVD-2023-58442
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-6194
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Eclipse Memory Analyzer versions 0.7 to 1.14.0, report definition XML files are not filtered to prohibit document type definition DTD references to external...
CVE-2023-6194
In Eclipse Memory Analyzer versions 0.7 to 1.14.0, report definition XML files are not filtered to prohibit document type definition DTD references to external entities. This means that if a user chooses to use a malicious report definition XML file containing an external entity reference to...
CVE-2019-17635
Eclipse Memory Analyzer version 1.9.1 and earlier is subject to a deserialization vulnerability if an index file of a parsed heap dump is replaced by a malicious version and the heap dump is reopened in Memory Analyzer. The user must choose to reopen an already parsed heap dump with an untrusted...
CVE-2019-17634
Eclipse Memory Analyzer version 1.9.1 and earlier is subject to a cross site scripting XSS vulnerability when generating an HTML report from a malicious heap dump. The user must choose to download, open the malicious heap dump and generate an HTML report for the problem to occur. The heap dump coul...
CVE-2023-6194
In Eclipse Memory Analyzer versions 0.7 to 1.14.0, report definition XML files are not filtered to prohibit document type definition DTD references to external entities. This means that if a user chooses to use a malicious report definition XML file containing an external entity reference to...
Xxe
In Eclipse Memory Analyzer versions 0.7 to 1.14.0, report definition XML files are not filtered to prohibit document type definition DTD references to external entities. This means that if a user chooses to use a malicious report definition XML file containing an external entity reference to...
CVE-2023-6194
In Eclipse Memory Analyzer versions 0.7 to 1.14.0, report definition XML files are not filtered to prohibit document type definition DTD references to external entities. This means that if a user chooses to use a malicious report definition XML file containing an external entity reference to...
CVE-2023-6194
CVE-2023-6194 affects Eclipse Memory Analyzer (versions 0.7 to 1.14.0). The issue arises because report definition XML files do not filter references to external entities in DTDs, allowing a malicious report file to cause the tool to access external files or URLs defined via a DTD when generating...
Eclipse Memory Analyzer Code Issue Vulnerability
Eclipse Memory Analyzer is a memory analysis tool from the Eclipse Foundation. A security vulnerability exists in Eclipse Memory Analyzer versions 0.7 through 1.14.0, which stems from not filtering reports on partial XML files...
CVE-2023-6194
In Eclipse Memory Analyzer versions 0.7 to 1.14.0, report definition XML files are not filtered to prohibit document type definition DTD references to external entities. This means that if a user chooses to use a malicious report definition XML file containing an external entity reference to...
Eclipse Memory Analyzer code issue vulnerability
Eclipse Memory Analyzer is a memory analysis tool from the Eclipse Foundation. A code issue vulnerability exists in Eclipse Memory Analyzer 1.9.1 and prior versions. The vulnerability stems from an improperly designed or implemented code development process for a networked system or product. No...
Eclipse Memory Analyzer Cross-Site Scripting Vulnerability
Eclipse Memory Analyzer is a memory analysis tool from the Eclipse Foundation. A cross-site scripting vulnerability exists in Eclipse Memory Analyzer 1.9.1 and prior versions. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can...
CVE-2019-17635
Eclipse Memory Analyzer version 1.9.1 and earlier is subject to a deserialization vulnerability if an index file of a parsed heap dump is replaced by a malicious version and the heap dump is reopened in Memory Analyzer. The user must choose to reopen an already parsed heap dump with an untrusted...
CVE-2019-17635
Eclipse Memory Analyzer version 1.9.1 and earlier is subject to a deserialization vulnerability if an index file of a parsed heap dump is replaced by a malicious version and the heap dump is reopened in Memory Analyzer. The user must choose to reopen an already parsed heap dump with an untrusted...
CVE-2019-17634
Eclipse Memory Analyzer version 1.9.1 and earlier is subject to a cross site scripting XSS vulnerability when generating an HTML report from a malicious heap dump. The user must choose to download, open the malicious heap dump and generate an HTML report for the problem to occur. The heap dump coul...
CVE-2019-17634
Eclipse Memory Analyzer version 1.9.1 and earlier is subject to a cross site scripting XSS vulnerability when generating an HTML report from a malicious heap dump. The user must choose to download, open the malicious heap dump and generate an HTML report for the problem to occur. The heap dump coul...
Cross site scripting
Eclipse Memory Analyzer version 1.9.1 and earlier is subject to a cross site scripting XSS vulnerability when generating an HTML report from a malicious heap dump. The user must choose to download, open the malicious heap dump and generate an HTML report for the problem to occur. The heap dump coul...