catalystcoop-ferc-xbrl-extractor (>=0.6.1 <=0.8.4), catalystcoop-pudl (>=2022.11.30 <=2022.11.30.post1) +1 more potentially affected by CVE-2026-42796 via arelle-release (>=2.10.8 <=2.2.4)

arelle-release PYPI version =2.10.8, =0.6.1, =2022.11.30, =0.6.1, =0.7.0rc1 Source cves: CVE-2026-42796 Source advisory: SNYK:PYTHON-ARELLERELEASE-16635954...

beam-pyspark-runner (>=0.0.1 <=0.0.3), brel-xbrl (=0.8.2a1) +53 more potentially affected by CVE-2025-55039 via pyspark (>=3.5.0 <=3.5.1)

pyspark PYPI version =3.5.0, =0.0.1, =1.3.2, =0.13.0, =0.0.1, =1.2.17, =0.0.0, =5.0.0, =0.0.3, =1.1.0 - hari-data =0.1.5 - hermione-databricks =1.0.1 and more Source cves: CVE-2025-55039 Source advisory: OSV:PYSEC-2025-184...

EUVD-2003-1405

Malware in sbrugna...

EUVD-2023-36878

Malicious code in bioql PyPI...

CVE-2023-32635

XBRL data create application version 7.0 and earlier improperly restricts XML external entity references XXE. By processing a specially crafted XBRL file, arbitrary files on the system may be read by an attacker...

CVE-2023-32635

XBRL data create application version 7.0 and earlier improperly restricts XML external entity references XXE. By processing a specially crafted XBRL file, arbitrary files on the system may be read by an attacker...

CVE-2023-32635

XBRL data create application version 7.0 and earlier improperly restricts XML external entity references XXE. By processing a specially crafted XBRL file, arbitrary files on the system may be read by an attacker...

Xxe

XBRL data create application version 7.0 and earlier improperly restricts XML external entity references XXE. By processing a specially crafted XBRL file, arbitrary files on the system may be read by an attacker...

CVE-2023-32635

CVE-2023-32635 affects the XBRL data create application (7.0 and earlier). The root cause is improper restriction of XML External Entity (XXE) references, enabling a specially crafted XBRL file to cause the system to read arbitrary files. The issue is documented across multiple sources (e.g., JVN...

CVE-2023-32635

XBRL data create application version 7.0 and earlier improperly restricts XML external entity references XXE. By processing a specially crafted XBRL file, arbitrary files on the system may be read by an attacker...

JVN#44726469: Improper restriction of XML external entity references (XXE) in XBRL data create application

XBRL data create application provided by Financial Services Agency improperly restricts XML external entity references XXE CWE-611. Impact By processing a specially crafted XBRL file, arbitrary files on the system may be read by an attacker. Solution Update the Software Update the software to the...

SEC cyber risk management rule—a security and compliance opportunity

In my practice as a Microsoft Global Black Belt, I focus on the technical and business enablement aspects of protecting organizations from cyber threats with tools like Microsoft 365 Defender, Microsoft Purview and Microsoft Sentinel. In my role as a board member for another publicly traded...

SEC cyber risk management rule—a security and compliance opportunity

In my practice as a Microsoft Global Black Belt, I focus on the technical and business enablement aspects of protecting organizations from cyber threats with tools like Microsoft 365 Defender, Microsoft Purview and Microsoft Sentinel. In my role as a board member for another publicly traded...

CVE-2003-1415

NetCharts XBRL Server 4.0.0 allows remote attackers to obtain sensitive information via an HTTP request with an invalid chunked transfer encoding specification...

CVE-2003-1415

NetCharts XBRL Server 4.0.0 is affected by a vulnerability allowing remote attackers to obtain sensitive information via an HTTP request with an invalid chunked transfer encoding specification. The connected documents confirm the affected product/version and the information-leak impact but do not...

CVE-2003-1415

NetCharts XBRL Server 4.0.0 allows remote attackers to obtain sensitive information via an HTTP request with an invalid chunked transfer encoding specification...

Netcharts XBRL Server information leakage

Information leakage from process memory on chunked encoding...

[SecurityOffice] Netcharts XBRL Server v4.0.0 Information Leakage Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: MD5 - -- Netcharts XBRL Server v4.0.0 Information Leakage Vulnerability -- - -- Type Information Leakage - -- Release Date March 17, 2003 - -- Product / Vendor NetCharts XBRL Server 4.0 is a data visualization service that generates charts and graphs,...