CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-0154

Malware in sbrugna...

7.1CVSS6.8AI score0.00449EPSS

Exploits0References9

Github Security Blog•added 2022/05/24 5:6 p.m.•28 views

PyAMF vulnerable to XML external entity (XXE)

PyAMF provides Action Message Format AMF support for Python that is compatible with the Adobe Flash Player. It includes integration with Python web frameworks like Django, Pylons, Twisted, SQLAlchemy, web2py and more. XML external entity XXE vulnerability in PyAMF before 0.8.0 allows remote...

7.1CVSS6.6AI score0.00449EPSS

Exploits0References7Affected Software1

OSV•added 2022/05/24 5:6 p.m.•10 views

GHSA-M7M4-4VM8-55WG PyAMF vulnerable to XML external entity (XXE)

7.2CVSS6.9AI score0.00449EPSS

Exploits0References8

Veracode•added 2020/01/16 3:9 a.m.•33 views

XML External Entity (XXE) Injection

pyamf is vulnerable to XML external entity XXE attacks. The attack exists because the XML parser does not disable the parsing of external DTDs, allowing a remote attacker to inject malicious external DTD entities via an Action Message Format AMF payload to retrieve system files or perform request...

7.1CVSS5.4AI score0.00449EPSS

Exploits0References6Affected Software1

NVD•added 2020/01/15 3:15 p.m.•5 views

CVE-2015-8549

XML external entity XXE vulnerability in PyAMF before 0.8.0 allows remote attackers to cause a denial of service or read arbitrary files via a crafted Action Message Format AMF payload...

7.1CVSS6.9AI score0.00449EPSS

Exploits0References4

PyPA•added 2020/01/15 3:15 p.m.•4 views

PYSEC-2020-339

XML external entity XXE vulnerability in PyAMF before 0.8.0 allows remote attackers to cause a denial of service or read arbitrary files via a crafted Action Message Format AMF payload...

7.1CVSS7AI score0.00449EPSS

Exploits0References7Affected Software1

Prion•added 2020/01/15 3:15 p.m.•10 views

Xxe

XML external entity XXE vulnerability in PyAMF before 0.8.0 allows remote attackers to cause a denial of service or read arbitrary files via a crafted Action Message Format AMF payload...

5.8CVSS7.2AI score0.00449EPSS

Exploits0References4Affected Software1

OSV•added 2020/01/15 3:15 p.m.•12 views

PYSEC-2020-339

XML external entity XXE vulnerability in PyAMF before 0.8.0 allows remote attackers to cause a denial of service or read arbitrary files via a crafted Action Message Format AMF payload...

7.1CVSS6.5AI score0.00449EPSS

Exploits0References7

CVE•added 2020/01/15 2:48 p.m.•63 views

CVE-2015-8549

PyAMF (Python AMF) before version 0.8.0 contains an XML External Entity (XXE) vulnerability that can cause DoS or allow reading arbitrary files via crafted AMF payloads. This CVE-2015-8549 entry is corroborated by multiple connected sources (OSV GHSA entry, NVD description, and PyAMF advisories),...

7.1CVSS6.7AI score0.00449EPSS

Exploits0References4Affected Software1

Cvelist•added 2020/01/15 2:48 p.m.•11 views

CVE-2015-8549

XML external entity XXE vulnerability in PyAMF before 0.8.0 allows remote attackers to cause a denial of service or read arbitrary files via a crafted Action Message Format AMF payload...

6.8AI score0.00449EPSS

Exploits0References4

ArchLinux•added 2015/12/17 12:0 a.m.•20 views

python2-pyamf: XML external entity injection

PyAMF suffers from insufficient AMF input payload sanitization which results in the XML parser not preventing the processing of XML external entities XXE. A specially crafted AMF payload, containing malicious references to XML external entities, can be used to trigger denial of service DoS...

5.5AI score0.00449EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by