27 matches found
CVE-2017-14949
Restlet Framework before 2.3.12 is affected by CVE-2017-14949, allowing remote attackers to access arbitrary files via a crafted REST API HTTP request that triggers an XXE attack. The vulnerability is linked to XML representations (XmlRepresentation, DOMRepresentation, SaxRepresentation) and Jack...
Serviio PRO 1.8 DLNA Media Streaming Server REST API Information Disclosure
Summary Serviio is a free media server. It allows you to stream your media files music, video or images to renderer devices e.g. a TV set, Bluray player, games console or mobile phone on your connected home network. Description The version of Serviio installed on the remote Windows/Linux host is...
CVE-2014-1868
Restlet Framework 2.1.x before 2.1.7 and 2.x.x before 2.2 RC1, when using XMLRepresentation or XML serializers, allows attackers to cause a denial of service via an XML Entity Expansion XEE attack...
CVE-2014-1868
Restlet Framework 2.1.x before 2.1.7 and 2.x.x before 2.2 RC1, when using XMLRepresentation or XML serializers, allows attackers to cause a denial of service via an XML Entity Expansion XEE attack...
UBUNTU-CVE-2014-1868
Restlet Framework 2.1.x before 2.1.7 and 2.x.x before 2.2 RC1, when using XMLRepresentation or XML serializers, allows attackers to cause a denial of service via an XML Entity Expansion XEE attack...
CVE-2014-1868
Restlet Framework 2.1.x before 2.1.7 and 2.x.x before 2.2 RC1, when using XMLRepresentation or XML serializers, allows attackers to cause a denial of service via an XML Entity Expansion XEE attack...
CVE-2014-1868
The affected software is Restlet Framework, specifically version 2.1.x before 2.1.7 and 2.x.x before 2.2 RC1. The root cause is processing XML with XMLRepresentation or XML serializers that allows an XML Entity Expansion (XEE) attack, leading to denial of service. No exploit details are provided....