Lucene search
K

44 matches found

Prion
Prion
added 2014/09/23 9:55 p.m.29 views

Code injection

IBM Rational ClearQuest 7.1 before 7.1.2.15, 8.0.0 before 8.0.0.12, and 8.0.1 before 8.0.1.5 allows remote attackers to cause a denial of service memory consumption via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564...

5CVSS6.3AI score0.01731EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2014/08/18 11:15 a.m.20 views

CVE-2014-5265

The Incutio XML-RPC IXR Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and 7.x before 7.31, permits entity declarations without considering recursion during entity expansion, which allows remote attackers to cause a denial of service memory and CPU consumption via a crafted...

5CVSS7AI score0.03089EPSS
Exploits0References6
OSV
OSV
added 2014/08/18 11:15 a.m.4 views

UBUNTU-CVE-2014-5265

The Incutio XML-RPC IXR Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and 7.x before 7.31, permits entity declarations without considering recursion during entity expansion, which allows remote attackers to cause a denial of service memory and CPU consumption via a crafted...

5CVSS5.8AI score0.03089EPSS
Exploits0References7
CVE
CVE
added 2014/05/23 2:0 p.m.69 views

CVE-2013-1864

The CVE-2013-1864 issue affects PTLib (Portable Tool Library) before 2.10.10 as used in Ekiga before 4.0.1. The vulnerability arises from improper detection of recursion during entity expansion, enabling a remote attacker to cause a denial of service via crafted PXML documents with a very large n...

4.3CVSS6.5AI score0.0285EPSS
Exploits1References9Affected Software1
Cvelist
Cvelist
added 2014/05/12 2:0 p.m.21 views

CVE-2014-3243

SOAPpy 0.12.5 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service memory and CPU consumption via a crafted SOAP request containing a large number of nested entity references...

6.4AI score0.02658EPSS
Exploits1References5
Debian CVE
Debian CVE
added 2014/05/12 2:0 p.m.37 views

CVE-2014-3243

Removed by vendor...

5CVSS6.7AI score0.02658EPSS
Exploits1
NVD
NVD
added 2014/02/26 2:55 p.m.24 views

CVE-2013-7332

The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service memory and CPU consumption via a crafted XML document containing a large number of nested entity...

5CVSS6.9AI score0.13305EPSS
Exploits1References1
Prion
Prion
added 2014/02/26 2:55 p.m.22 views

Design/Logic Flaw

The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service memory and CPU consumption via a crafted XML document containing a large number of nested entity...

5CVSS6.4AI score0.13305EPSS
Exploits1References1
Cvelist
Cvelist
added 2013/07/28 6:0 p.m.58 views

CVE-2011-1483

wsf/common/DOMUtils.java in JBossWS Native in Red Hat JBoss Enterprise Application Platform 4.2.0.CP09, 4.3, and 5.1.1; JBoss Enterprise Portal Platform 4.3.CP06 and 5.1.1; JBoss Enterprise SOA Platform 4.2.CP05, 4.3.CP05, and 5.1.0; JBoss Communications Platform 1.2.11 and 5.1.1; JBoss Enterpris...

7.1AI score0.02664EPSS
Exploits0References3
OSV
OSV
added 2013/01/13 10:55 p.m.4 views

DEBIAN-CVE-2013-0156

activesupport/coreext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a...

7.5CVSS7.5AI score0.99449EPSS
Exploits21References1
RedHat Linux
RedHat Linux
added 2013/01/10 10:32 p.m.6 views

rubygem-activesupport: Multiple vulnerabilities in parameter parsing in ActionPack

activesupport/coreext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a...

7.5CVSS7.5AI score0.99449EPSS
Exploits21References4
Prion
Prion
added 2011/10/06 10:55 a.m.24 views

Code injection

Cisco Unified Presence before 8.54 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service memory and CPU consumption, and process crash via a crafted XML document containing a large number of nested entity references, aka Bug IDs...

7.8CVSS6.5AI score0.01768EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2011/09/15 6:31 p.m.5 views

JBossWS remote Denial of Service

wsf/common/DOMUtils.java in JBossWS Native in Red Hat JBoss Enterprise Application Platform 4.2.0.CP09, 4.3, and 5.1.1; JBoss Enterprise Portal Platform 4.3.CP06 and 5.1.1; JBoss Enterprise SOA Platform 4.2.CP05, 4.3.CP05, and 5.1.0; JBoss Communications Platform 1.2.11 and 5.1.1; JBoss Enterpris...

9.3CVSS6.9AI score0.02664EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2011/09/15 6:6 p.m.6 views

JBossWS remote Denial of Service

wsf/common/DOMUtils.java in JBossWS Native in Red Hat JBoss Enterprise Application Platform 4.2.0.CP09, 4.3, and 5.1.1; JBoss Enterprise Portal Platform 4.3.CP06 and 5.1.1; JBoss Enterprise SOA Platform 4.2.CP05, 4.3.CP05, and 5.1.0; JBoss Communications Platform 1.2.11 and 5.1.1; JBoss Enterpris...

9.3CVSS6.9AI score0.02664EPSS
Exploits0References4
OSV
OSV
added 2011/06/21 2:52 a.m.8 views

CVE-2011-2188

LuaExpat before 1.2.0 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service memory and CPU consumption via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564...

6.8AI score
Exploits0References7
UbuntuCve
UbuntuCve
added 2011/06/21 2:52 a.m.32 views

CVE-2011-1755

jabberd2 before 2.2.14 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service memory and CPU consumption via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564...

7.5CVSS7.1AI score0.03659EPSS
Exploits0References1
Prion
Prion
added 2011/06/21 2:52 a.m.24 views

Code injection

jabberd14 1.6.1.1 and earlier does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service memory and CPU consumption via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564...

5CVSS6.5AI score0.02271EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2011/06/21 1:0 a.m.56 views

CVE-2011-1753

expaterl.c in ejabberd before 2.1.7 and 3.x before 3.0.0-alpha-3, and exmpp before 0.9.7, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service memory and CPU consumption via a crafted XML document containing a large number of neste...

5CVSS7.2AI score0.02125EPSS
Exploits0
Debian CVE
Debian CVE
added 2011/06/21 1:0 a.m.45 views

CVE-2011-2188

LuaExpat before 1.2.0 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service memory and CPU consumption via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564...

5CVSS6.5AI score0.01745EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2009/08/21 5:30 p.m.28 views

CVE-2009-2473

neon before 0.28.6, when expat is used, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service memory and CPU consumption via a crafted XML document containing a large number of nested entity references, a similar issue to...

4.3CVSS6.6AI score0.08437EPSS
Exploits1References1
Rows per page
Query Builder