Lucene search
K

5 matches found

Vulnrichment
Vulnrichment
added 2026/03/12 7:21 p.m.1 views

CVE-2026-32251 Tolgee has an XXE Injection in Translation Import

Tolgee is an open-source localization platform. Prior to 3.166.3, the XML parsers used for importing Android XML resources .xml and .resx files don't disable external entity processing. An authenticated user who can import translation files into a project can exploit this to read arbitrary files...

9.3CVSS5.9AI score0.00424EPSS
Exploits1References3
EUVD
EUVD
added 2026/03/12 7:21 p.m.4 views

EUVD-2026-11691

Tolgee is an open-source localization platform. Prior to 3.166.3, the XML parsers used for importing Android XML resources .xml and .resx files don't disable external entity processing. An authenticated user who can import translation files into a project can exploit this to read arbitrary files...

9.3CVSS5.9AI score0.00424EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/03/12 12:0 a.m.6 views

PT-2026-25060

Name of the Vulnerable Software and Affected Versions Tolgee versions prior to 3.166.3 Description Tolgee is an open-source localization platform. The XML parsers used for importing Android XML resources .xml and .resx files do not disable external entity processing. An authenticated user who can...

9.3CVSS6AI score0.00424EPSS
Exploits1References11
ATTACKERKB
ATTACKERKB
added 2018/07/31 12:0 a.m.14 views

CVE-2018-14581

Redgate .NET Reflector before 10.0.7.774 and SmartAssembly before 6.12.5 allow attackers to execute code by decompiling a compiled .NET object such as a DLL or EXE file with a specific embedded resource file. Recent assessments: zeroSteiner at March 20, 2020 12:43pm UTC reported: A crafted .RESX...

7.8CVSS2.9AI score0.01838EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2018/02/06 12:0 a.m.16 views

openSUSE Security Update : translate-toolkit (openSUSE-2018-130)

This update for translate-toolkit to 2.2.4 fixes several issues. This security issue was fixed : - Prevent inclusion of external ressources XXE boo1073535 These non-security issues were fixed : - Added support for nested and WebExtension JSON dialects. - po2txt no longer converts non-translatable...

5.4AI score
Exploits0References1
Rows per page
Query Builder