IBM Aspera Console 安全漏洞

IBM Aspera Console is a Web-based application from International Business Machines IBM, Inc. Allows users to centrally manage, monitor and control Aspera servers nodes and transports. A security vulnerability exists in IBM Aspera Console 3.4.4 and prior versions, which stems from an XPath injecti...

CVE-2021-41770

Ping Identity PingFederate before 10.3.1 mishandles pre-parsing validation, leading to an XXE attack that can achieve XML file disclosure...

About the security content of iCloud for Windows 10.9 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...

CVE-2018-12710

CVE-2018-12710 affects D-Link DIR-601 devices (firmware about 2.02NA). A local attacker with a low-privilege User account can intercept a POST response and view the admin password in XML, gaining Admin rights. The issue is evidenced by multiple sources (NVD/NVD entry, Exploit-DB PoC, CNVD entry, ...

Microsoft Internet Explorer 5/6 XML Redirect File Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5560/info A flaw in Microsoft Internet Explorer may reveal the entire contents of XML files and partial contents of other files to attackers. This vulnerability allows an attacker to read the entire contents of XML files,...

CVE-2013-3137

Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain sensitive information via crafted XML data in a FrontPage document, aka "XML Disclosure Vulnerability."...

CVE-2013-3137

CVE-2013-3137 affects Microsoft FrontPage 2003 SP3. The issue arises from how FrontPage parses DTDs in XML inside FrontPage documents, causing an information-disclosure vulnerability. Remote attackers could obtain sensitive information by crafting a FrontPage document. Microsoft issued MS13-078 w...

Microsoft Frontpage information leakage

XML information disclosure...

Internet Explorer vulnerable to information disclosure

Overview Internet Explorer contains an issue in handling XML files, which may result in information disclosure. Isayama Takayoshi of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

Oracle Reports Server 6.0.89.0.x - XML File Disclosure

Oracle Reports Server 6.0.89.0.x - XML File Disclosure source: https://www.securityfocus.com/bid/14311/info Oracle Reports Server may allow remote attackers to disclose parts of arbitrary XML files. Reportedly, the server fails to restrict users from accessing parts of arbitrary XML files when...