Lucene search
K

6 matches found

NVD
NVD
added 2019/10/23 10:15 p.m.29 views

CVE-2019-18213

XML Language Server aka lsp4xml before 0.9.1, as used in Red Hat XML Language Support aka vscode-xml before 0.9.1 for Visual Studio and other products, allows XXE via a crafted XML document, with resultant SSRF as well as SMB connection initiation that can lead to NetNTLM challenge/response captu...

8.8CVSS8.6AI score0.01981EPSS
Exploits1References6
0day.today
0day.today
added 2018/08/06 12:0 a.m.49 views

Vuze Bittorrent Client 5.7.6.0 - SSDP Processing XML External Entity Injection Vulnerability

Exploit for jsp platform in category web applications Vuze Bittorrent Client 5.7.6.0 - SSDP Processing XML External Entity Injection Reserved CVE: CVE-2018-13417 Vulnerability Overview The XML parsing engine for Vuze Bittorrent Client's SSDP/UPNP functionality is vulnerable to an XML External...

0.2AI score0.20695EPSS
Exploits5
Cvelist
Cvelist
added 2018/08/03 5:0 p.m.21 views

CVE-2018-13416

In Universal Media Server UMS 7.1.0, the XML parsing engine for SSDP/UPnP functionality is vulnerable to an XML External Entity Processing XXE attack. Remote, unauthenticated attackers can use this vulnerability to: 1 Access arbitrary files from the filesystem with the same permission as the user...

9.8AI score0.20185EPSS
Exploits5References2
exploitpack
exploitpack
added 2018/08/03 12:0 a.m.36 views

Vuze Bittorrent Client 5.7.6.0 - SSDP Processing XML External Entity Injection

Vuze Bittorrent Client 5.7.6.0 - SSDP Processing XML External Entity Injection Issue: Out-of-Band XXE in Vuze Bittorrent Client's SSDP Processing Reserved CVE: CVE-2018-13417 Vulnerability Overview The XML parsing engine for Vuze Bittorrent Client's SSDP/UPNP functionality is vulnerable to an XML...

7.5CVSS0.5AI score0.20695EPSS
Exploits5
exploitpack
exploitpack
added 2018/08/02 12:0 a.m.119 views

Universal Media Server 7.1.0 - SSDP Processing XML External Entity Injection

Universal Media Server 7.1.0 - SSDP Processing XML External Entity Injection Issue: Out-of-Band XXE in Universal Media Server's SSDP Processing Reserved CVE: CVE-2018-13416 Vulnerability Overview The XML parsing engine for Universal Media Server's SSDP/UPNP functionality is vulnerable to an XML...

7.5CVSS0.2AI score0.20185EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/08/02 12:0 a.m.41 views

Universal Media Server 7.1.0 - SSDP Processing XML External Entity Injection

Issue: Out-of-Band XXE in Universal Media Server's SSDP Processing Reserved CVE: CVE-2018-13416 Vulnerability Overview The XML parsing engine for Universal Media Server's SSDP/UPNP functionality is vulnerable to an XML External Entity Processing XXE attack. Unauthenticated attackers on the same L...

9.8CVSS9.6AI score0.20185EPSS
Exploits5
Rows per page
Query Builder