CVE-2021-33879

Tencent GameLoop before 4.1.21.90 downloaded updates over an insecure HTTP connection. A malicious attacker in an MITM position could spoof the contents of an XML document describing an update package, replacing a download URL with one pointing to an arbitrary Windows executable. Because the only...

EUVD-2014-6187

Malware in sbrugna...

EUVD-2014-0894

Malware in sbrugna...

EUVD-2016-4726

Malware in sbrugna...

EUVD-2014-4753

Malware in sbrugna...

CVE-2019-17323

ClipSoft REXPERT 1.0.0.527 and earlier version allows arbitrary file creation and execution via report print function of rexpert viewer with modified XML document. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page...

CVE-2011-3288

Cisco Unified Presence before 8.54 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service memory and CPU consumption, and process crash via a crafted XML document containing a large number of nested entity references, aka Bug IDs...

Microsoft XmlDocument Class Privilege Vulnerability

Microsoft Windows 10, etc. are a series of operating systems released by Microsoft Corporation in the U.S. The XmlDocument class is one of the classes used to load XML into the document object model. An elevation vulnerability exists in the Microsoft XmlDocument class that can be exploited by a...