Lucene search

6 matches found

OSV
added 2023/08/31 9:47 p.m. | 26 views

GHSA-WC9J-GC65-3CM7 DDFFileParser is vulnerable to XXE Attacks

Impact: DDFFileParser and DefaultDDFFileValidator (and so ObjectLoader) are vulnerable to XXE attacks. A DDF file is an LWM2M format used to store LWM2M object descriptions. Leshan users are impacted only if they parse untrusted DDF files, e.g. if they let external users provide their own model...

CVSS 6.5 | AI score 7.6 | EPSS 0.00137
Exploits: 0 | References: 7
SUSE CVE
added 2023/02/15 5:55 a.m. | 2 views

SUSE CVE-2010-4470

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote attackers to affect availability via unknown vectors related to JAXP and unspecified APIs. NOTE: the previous information was obtained from the Februar...

CVSS 5 | AI score 6.3 | EPSS 0.08078
Exploits: 0 | References: 5
Veracode
added 2022/01/18 4:14 a.m. | 17 views

XML External Entity (XXE)

stanford-corenlp is vulnerable to XML external entity (XXE) attacks. The vulnerability exists in the getValidatingXmlParser function in XMLUtils.java due to a lack of sanitization of XML input containing a reference to an external entity, allowing an attacker to pass a malicious schema XML file when...

CVSS 9.8 | AI score 4.6 | EPSS 0.00042
Exploits: 1 | References: 4 | Affected Software: 1
Tenable Nessus
added 2011/03/28 12:00 a.m. | 42 views

Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2011:054)

Multiple vulnerabilities have been identified and fixed in java-1.6.0-openjdk: The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7, 1.8 before 1.8.4, and 1.9 before 1.9.4 for Java OpenJDK returns from the checkPermission method instead of throwing an exception in certain circumstances...

CVSS 10 | AI score 5.9 | EPSS 0.39874
Exploits: 2 | References: 11
Prion
added 2011/02/17 7:00 p.m. | 15 views

Design/Logic Flaw

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote attackers to affect availability via unknown vectors related to JAXP and unspecified APIs. NOTE: the previous information was obtained from the Februar...

CVSS 5 | AI score 7.9 | EPSS 0.08078
Exploits: 0 | References: 17 | Affected Software: 2
Cvelist
added 2011/02/17 6:31 p.m. | 18 views

CVE-2010-4470

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote attackers to affect availability via unknown vectors related to JAXP and unspecified APIs. NOTE: the previous information was obtained from the Februar...

AI score 8.3 | EPSS 0.08078
Exploits: 0 | References: 17