29 matches found
EUVD-2022-2479
Malicious code in bioql PyPI...
EUVD-2022-1984
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2014-3243
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SOAPpy 0.12.5 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service memory and CPU consumption...
Linux Distros Unpatched Vulnerability : CVE-2014-3242
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SOAPpy 0.12.5 allows remote attackers to read arbitrary files via a SOAP request containing an external entity declaration in conjunction with an entity...
Journyx 11.5.4 XML Injection
KL-001-2024-010: Journyx Unauthenticated XML External Entities Injection Title: Journyx Unauthenticated XML External Entities Injection Advisory ID: KL-001-2024-010 Publication Date: 2024.08.07 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-010.txt 1. Vulnerability Detail...
Journyx 11.5.4 XML Injection Vulnerability
Journyx version 11.5.4 has an issue where the soapcgi.pyc API handler allows the XML body of SOAP requests to contain references to external entities. This allows an unauthenticated attacker to read local files, perform server-side request forgery, and overwhelm the web server resources. Title:...
Journyx Unauthenticated XML External Entities Injection
Vulnerability Details Affected Vendor: Journyx Affected Product: Journyx jtime Affected Version: 11.5.4 Platform: GNU/Linux CWE Classification: CWE-611: Improper Restriction of XML External Entity Reference CVE ID: CVE-2024-6893 2. Vulnerability Description The "soapcgi.pyc" API handler allows...
RHEL 7 : soappy (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - SOAPpy: XML External Entity XXE flaw CVE-2014-3242 - SOAPpy 0.12.5 does not properly detect recursion...
RHEL 6 : soappy (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - SOAPpy: XML External Entity XXE flaw CVE-2014-3242 - SOAPpy 0.12.5 does not properly detect recursion...
SOAPpy vulnerable to XXE attacks
SOAPpy 0.12.5 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service memory and CPU consumption via a crafted SOAP request containing a large number of nested entity references...
GHSA-2GH8-GR6X-7Q26 SOAPpy vulnerable to XXE attacks
SOAPpy 0.12.5 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service memory and CPU consumption via a crafted SOAP request containing a large number of nested entity references...
SOAPpy vulnerable to XML External Entity attacks
SOAPpy 0.12.5 allows remote attackers to read arbitrary files via a SOAP request containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue...
GHSA-52WR-3VWW-RMPQ SOAPpy vulnerable to XML External Entity attacks
SOAPpy 0.12.5 allows remote attackers to read arbitrary files via a SOAP request containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue...
SOAPpy 0.12.5 /Parser.py XML注入漏洞
No description provided by source...
SOAPpy 0.12.5 多个漏洞
0×01:Background SOAPpy provides tools for building SOAP clients and servers.The goal of the SOAPpy team is to provide a full featured SOAP library for Python that is very simple to use and that fully supports dynamic interaction between clients and servers. SOAPpy use sax.xml as SOAP parser to...
CVE-2014-3243
SOAPpy 0.12.5 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service memory and CPU consumption via a crafted SOAP request containing a large number of nested entity references...
CVE-2014-3242
SOAPpy 0.12.5 allows remote attackers to read arbitrary files via a SOAP request containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue...
Design/Logic Flaw
SOAPpy 0.12.5 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service memory and CPU consumption via a crafted SOAP request containing a large number of nested entity references...
CVE-2014-3242
SOAPpy 0.12.5 allows remote attackers to read arbitrary files via a SOAP request containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue...
CVE-2014-3243
SOAPpy 0.12.5 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service memory and CPU consumption via a crafted SOAP request containing a large number of nested entity references...