161 matches found
EUVD-2015-8722
Malware in sbrugna...
EUVD-2018-0420
Malware in sbrugna...
EUVD-2020-6519
Malware in sbrugna...
EUVD-2020-27999
Malware in sbrugna...
EUVD-2019-1044
Malware in sbrugna...
EUVD-2023-0296
Malicious code in bioql PyPI...
CVE-2024-10218 TIBCO Hawk Stored-XEE Vulnerability
XSS Attack in mar.jar, Monitoring Archive Utility MAR Utility, monitoringconsolecommon.jar in TIBCO Software Inc TIBCO Hawk and TIBCO Operational Intelligence...
Toshiba Printers Multiple Vulnerabilities (May 2024)
Multiple Toshiba printers are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
GHSA-8X2V-PCG7-94F4 Zend-JSON vulnerable to XXE/XEE attacks
Numerous components utilizing PHP's DOMDocument, SimpleXML, and xmlparse functionality are vulnerable to two types of attacks: - XML eXternal Entity XXE Injection attacks. The above mentioned extensions are insecure by default, allowing external entities to be specified by adding a specific DOCTY...
Zend-JSON vulnerable to XXE/XEE attacks
Numerous components utilizing PHP's DOMDocument, SimpleXML, and xmlparse functionality are vulnerable to two types of attacks: - XML eXternal Entity XXE Injection attacks. The above mentioned extensions are insecure by default, allowing external entities to be specified by adding a specific DOCTY...
GHSA-2JX7-XG83-J2M7 Zendframework Denial of Service vector via XEE injection
ZendDom, ZendFeed, ZendSoap, and ZendXmlRpc are vulnerable to XML Entity Expansion XEE vectors, leading to Denial of Service vectors. XEE attacks occur when the XML DOCTYPE declaration includes XML entity definitions that contain either recursive or circular references; this leads to CPU and memo...
Zendframework Denial of Service vector via XEE injection
ZendDom, ZendFeed, ZendSoap, and ZendXmlRpc are vulnerable to XML Entity Expansion XEE vectors, leading to Denial of Service vectors. XEE attacks occur when the XML DOCTYPE declaration includes XML entity definitions that contain either recursive or circular references; this leads to CPU and memo...
ZendFramework potential XML eXternal Entity injection vectors
Numerous components utilizing PHP's DOMDocument, SimpleXML, and xmlparse functionality are vulnerable to two types of attacks: - XML eXternal Entity XXE Injection attacks. The above mentioned extensions are insecure by default, allowing external entities to be specified by adding a specific DOCTY...
GHSA-F4FJ-Q6M4-CC52 ZendFramework vulnerable to XXE/XEE attacks
Numerous components utilizing PHP's DOMDocument, SimpleXML, and xmlparse functionality are vulnerable to two types of attacks: - XML eXternal Entity XXE Injection attacks. The above mentioned extensions are insecure by default, allowing external entities to be specified by adding a specific DOCTY...
ZendFramework vulnerable to XXE/XEE attacks
Numerous components utilizing PHP's DOMDocument, SimpleXML, and xmlparse functionality are vulnerable to two types of attacks: - XML eXternal Entity XXE Injection attacks. The above mentioned extensions are insecure by default, allowing external entities to be specified by adding a specific DOCTY...
Zendframework vulnerable to XXE/XEE attacks
Numerous components utilizing PHP's DOMDocument, SimpleXML, and xmlparse functionality are vulnerable to two types of attacks: - XML eXternal Entity XXE Injection attacks. The above mentioned extensions are insecure by default, allowing external entities to be specified by adding a specific DOCTY...
GHSA-QC7W-4567-84WV Zendframework vulnerable to XXE/XEE attacks
Numerous components utilizing PHP's DOMDocument, SimpleXML, and xmlparse functionality are vulnerable to two types of attacks: - XML eXternal Entity XXE Injection attacks. The above mentioned extensions are insecure by default, allowing external entities to be specified by adding a specific DOCTY...
GHSA-QFFC-GWPP-M2XR XML External Entity (XXE) Processing in TYPO3 Core
All XML processing within the TYPO3 CMS are vulnerable to XEE processing. This can lead to load internal and/or external file content within an XML structure. Furthermore it is possible to inject arbitrary files for an XML Denial of Service attack. For more information on that topic see...
XML External Entity (XXE) Processing in TYPO3 Core
All XML processing within the TYPO3 CMS are vulnerable to XEE processing. This can lead to load internal and/or external file content within an XML structure. Furthermore it is possible to inject arbitrary files for an XML Denial of Service attack. For more information on that topic see...
GHSA-4VF2-QFG3-7598 symfony/validator XML Entity Expansion vulnerability
Symfony 2.0.11 carried a similar XXE security fix, however, on review of ZF2 I also noted a vulnerability to XML Entity Expansion XEE attacks whereby all extensions making use of libxml2 have no defense against XEE Quadratic Blowup Attacks. The vulnerability is a function of there being no curren...