Security Bulletin: Due to the use of Logback, IBM Operations Analytics - Log Analysis is affected by Server-Side Request Forgery (SSRF) and arbitrary code execution.
Summary Logback in Apache Zookeeper is used by IBM Operations Analytics - Log Analysis as part of the logging implementation. CVE-2024-12798, CVE-2024-12801. Vulnerability Details CVEID: CVE-2024-12798 DESCRIPTION: ACE vulnerability in JaninoEventEvaluator by QOS.CH logback-core up to including...
CVE-2021-33208
The "Register an Ehcache Configuration File" admin feature in MashZone NextGen through 10.7 GA allows XXE attacks via a malicious XML configuration file...
CVE-2023-53908 HiSecOS 04.0.01 Privilege Escalation via User Role Modification
HiSecOS 04.0.01 contains a privilege escalation vulnerability that allows authenticated users to modify their access role through XML-based NETCONF configuration. Attackers can send crafted XML payloads to the /mopsdata endpoint with a specific role value to elevate their user privileges to...
EUVD-2007-1341
Malware in sbrugna...
EUVD-2018-8506
Malware in sbrugna...
EUVD-2019-0409
Malware in sbrugna...
EUVD-2017-4012
Malware in sbrugna...
EUVD-2024-3561
Malicious code in bioql PyPI...
EUVD-2021-6826
Malicious code in bioql PyPI...
EUVD-2025-2172
Malicious code in bioql PyPI...
Security Bulletin: SSRF Vulnerability in Logback's SaxEventRecorder via Malicious DOCTYPE in XML Configuration (Versions 0.1–1.3.14, 1.4.0–1.5.12) affects watsonx.data
Summary Server-Side Request Forgery (SSRF) in SaxEventRecorder by QOS.CH logback version 0.1 to 1.3.14 and 1.4.0 to 1.5.12 on the Java platform allows an attacker to forge requests by compromising logback configuration files in XML. The attack involves the modification of the DOCTYPE declaration in X...
Security Bulletin: SSRF Vulnerability in QOS.CH Logback via Malicious DOCTYPE in XML Config (v0.1–1.3.14, 1.4.0–1.5.12)
Summary Server-Side Request Forgery (SSRF) in SaxEventRecorder by QOS.CH logback version 0.1 to 1.3.14 and 1.4.0 to 1.5.12 on the Java platform allows an attacker to forge requests by compromising logback configuration files in XML. The attack involves the modification of the DOCTYPE declaration in X...
Ubuntu 14.04 LTS : c3p0 vulnerability (USN-7571-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-7571-1 advisory. Aaron Massey discovered that c3p0 could be made to crash when parsing certain input. An attacker able to modify the application's XML configuration file could...
USN-7571-1 c3p0 vulnerability
Aaron Massey discovered that c3p0 could be made to crash when parsing certain input. An attacker able to modify the application’s XML configuration file could possibly use this issue to cause a denial of service...
CVE-2023-24055
KeePass through 2.53 in a default installation allows an attacker, who has write access to the XML configuration file, to obtain the cleartext passwords by adding an export trigger. NOTE: the vendor's position is that the password database is not intended to be secure against an attacker who has...
Cisco AsyncOS Input Validation Error Vulnerability (CNVD-2025-03529)
Cisco AsyncOS is an operating system for Cisco devices from Cisco USA. An input validation error vulnerability exists in Cisco AsyncOS, which stems from insufficient validation of an XML configuration file, and can be exploited by an authenticated remote attacker to upload specially crafted files...
CVE-2025-20184
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Web Appliance could allow an authenticated, remote attacker to perform command injection attacks against an affected device. The attacker must authenticate with valid...
CVE-2025-20184
Cisco CVE-2025-20184 affects the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Web Appliance. The issue arises from insufficient validation of XML configuration files, allowing an authenticated attacker (with valid admin credentials) to u...