7 matches found
EUVD-2021-7882
Malicious code in bioql PyPI...
Typecho Security Vulnerability
Typecho is a PHP blogging platform for Typecho individual developers. It is simple and powerful. Typecho v1.2.1 has a security vulnerability that stems from a security hole in the component /index.php/action/xmlrpc. Attackers can use the vulnerability for XML secondar...
Code injection
IBM Cognos Analytics PowerPlay IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 could be vulnerable to an XML Bomb attack by a malicious authenticated user. IBM X-Force ID: 196813...
GHSA-QPMC-WPRV-X746 Inline DTD allows XML bomb attack
The SweetXml (aka sweetxml) package through 0.6.6 for Erlang and Elixir allows attackers to cause a denial of service (resource consumption) via an XML entity expansion attack with an inline DTD...
Inline DTD allows XML bomb attack
The SweetXml (aka sweetxml) package through 0.6.6 for Erlang and Elixir allows attackers to cause a denial of service (resource consumption) via an XML entity expansion attack with an inline DTD...
XML Entity Expansion (XEE)
Qt is vulnerable to XML entity expansion. The vulnerability exists due to mishandling of 'QXmlStreamReader', allowing a malicious attacker to send a crafted SVG to cause an XML bomb attack...
XML Entity Expansion
feedgen is vulnerable to XML entity expansion. The library allows parsing of XML content into an existing XML tree, which would allow an attacker to perform an XML bomb attack resulting in excessive resource consumption leading to an application crash...