CVE-2014-0931

CVE-2014-0931 maps to multiple XXE vulnerabilities in IBM Rational ClearCase components: CCRC WAN Server/CM Server, Perl CC/CQ integration scripts, CMAPI Java interface, ClearCase remote client, and CMI/OSLC-based ClearQuest integrations. Affected product lines span IBM Rational ClearCase 7.0.x (...

CVE-2018-10077

XML external entity XXE vulnerability in Geist WatchDog Console 3.2.2 allows remote authenticated administrators to read arbitrary files via crafted XML data...

Xxe

XML external entity XXE vulnerability in IBM Connections 3.0.1.1 and earlier, 4.0, 4.5, and 5.0 before CR4 allows remote authenticated users to cause a denial of service memory consumption via crafted XML data. IBM X-Force ID: 108357...

CVE-2015-7461

XML external entity XXE vulnerability in IBM Connections 3.0.1.1 and earlier, 4.0, 4.5, and 5.0 before CR4 allows remote authenticated users to cause a denial of service memory consumption via crafted XML data. IBM X-Force ID: 108357...

Xxe

XML external entity XXE vulnerability in IBM InfoSphere Information Governance Catalog 11.3 before 11.3.1.2 and 11.5 before 11.5.0.1 allows remote authenticated users to read arbitrary files or cause a denial of service via crafted XML data. IBM X-Force ID: 110510...

CVE-2016-0250

XML external entity XXE vulnerability in IBM InfoSphere Information Governance Catalog 11.3 before 11.3.1.2 and 11.5 before 11.5.0.1 allows remote authenticated users to read arbitrary files or cause a denial of service via crafted XML data. IBM X-Force ID: 110510...

CVE-2016-0250

CVE-2016-0250 is an XXE vulnerability in IBM InfoSphere Information Governance Catalog (IGC). It affects IGC versions 11.3 prior to 11.3.1.2 and 11.5 prior to 11.5.0.1, enabling a remote authenticated attacker to read arbitrary files or cause a denial of service by processing crafted XML data. Th...

Xxe

XML external entity XXE vulnerability in IBM Financial Transaction Manager FTM for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager FTM for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager FTM fo...

CVE-2016-0268

XML external entity XXE vulnerability in IBM Financial Transaction Manager FTM for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager FTM for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager FTM fo...

CVE-2016-0268

CVE-2016-0268 affects IBM Financial Transaction Manager (FTM) for ACH Services, Check Services and Corporate Payment Services on Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013. The vulnerability is an XML External Entity (XXE) issue in XML processing that could allow a remote authenticated atta...

CVE-2018-0489

Shibboleth XMLTooling-C before 1.6.4, as used in Shibboleth Service Provider before 2.6.1.4 on Windows and other products, mishandles digital signatures of user data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via crafted XML data. NOTE: this...

Design/Logic Flaw

Shibboleth XMLTooling-C before 1.6.4, as used in Shibboleth Service Provider before 2.6.1.4 on Windows and other products, mishandles digital signatures of user data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via crafted XML data. NOTE: this...

CVE-2018-0489

Shibboleth XMLTooling-C before 1.6.4, as used in Shibboleth Service Provider before 2.6.1.4 on Windows and other products, mishandles digital signatures of user data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via crafted XML data. NOTE: this...

CVE-2018-0489

Shibboleth XMLTooling-C before 1.6.4, as used in Shibboleth Service Provider before 2.6.1.4 on Windows and other products, mishandles digital signatures of user data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via crafted XML data. NOTE: this...

CVE-2018-0489

CVE-2018-0489 concerns the xmltooling library (XMLTooling-C) used by Shibboleth Service Provider and related products. The vulnerability arises in versions of xmltooling before 1.6.4 where digital signatures of user data are mishandled, enabling remote attackers to obtain sensitive information or...

CVE-2016-0369

XML external entity XXE vulnerability in IBM Forms Experience Builder 8.5, 8.5.1, and 8.6 allows remote authenticated users to obtain sensitive information via crafted XML data. IBM X-Force ID: 112088...

Xxe

XML external entity XXE vulnerability in IBM Forms Experience Builder 8.5, 8.5.1, and 8.6 allows remote authenticated users to obtain sensitive information via crafted XML data. IBM X-Force ID: 112088...

CVE-2016-0369

IBM Forms Experience Builder versions 8.5, 8.5.1 and 8.6 are affected by an XML External Entity (XXE) processing vulnerability. The root cause is XXE when processing XML data, which could allow a remote authenticated attacker to obtain sensitive information. The CVSS v3 base score is 2.7 (LOW). R...

CVE-2016-0369

XML external entity XXE vulnerability in IBM Forms Experience Builder 8.5, 8.5.1, and 8.6 allows remote authenticated users to obtain sensitive information via crafted XML data. IBM X-Force ID: 112088...

CVE-2017-17289

Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability. The software does not release allocated memory properly...