Lucene search
K

1196 matches found

Nuclei
Nuclei
added 2 days ago85 views

Apache OFBiz - XML External Entity Injection

In Apache OFBiz 16.11.01 to 16.11.04, the OFBiz HTTP engine org.apache.ofbiz.service.engine.HttpEngine.java handles requests for HTTP services via the /webtools/control/httpService endpoint. Both POST and GET requests to the httpService endpoint may contain three parameters: serviceName,...

7.5CVSS7AI score0.25743EPSS
Exploits0
Nuclei
Nuclei
added 2 days ago88 views

Apache Solr <= 7.1 - XML Entity Injection

Apache Solr with Apache Lucene before 7.1 is susceptible to remote code execution by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class. Elasticsearch, although it uses Lucene, is NOT vulnerable to this. Note that the XML external...

9.8CVSS7.3AI score0.91896EPSS
Exploits11References5
Cvelist
Cvelist
added 2026/06/25 11:23 p.m.42 views

CVE-2026-12993 Apicurio/apicurio-registry: apicurio-registry: xml entity-expansion denial of service via internal dtd subset

A flaw was found in Apicurio Registry. The DocumentBuilderAccessor correctly blocks external DTD and schema access but does not disable DOCTYPE declarations or enable FEATURESECUREPROCESSING. An attacker with artifact-write permission can upload XML documents with internal entity-expansion payloa...

6.5CVSS0.00243EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/25 11:23 p.m.8 views

CVE-2026-12993

A flaw was found in Apicurio Registry. The DocumentBuilderAccessor correctly blocks external DTD and schema access but does not disable DOCTYPE declarations or enable FEATURESECUREPROCESSING. An attacker with artifact-write permission can upload XML documents with internal entity-expansion payloa...

6.5CVSS5.8AI score0.00243EPSS
Exploits0References3
CVE
CVE
added 2026/06/24 5:45 p.m.58 views

CVE-2026-44020

Docling (USPTO patent XML parsers in the Docling stack) contains an XXE vulnerability in the XML parser used by the USPTO patent formats. From 2.13.0 through 2.74.0, the USPTO patent XML parser used xml.sax.parseString() without protections against external entity references, enabling attackers t...

9.4CVSS6AI score0.00334EPSS
Exploits0References4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/22 1:48 p.m.5 views

Security Bulletin: Vulnerability in node-tar affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in node-tar has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability have been addressed. Refer to details for additional information. Vulnerabilit...

9.3CVSS5.9AI score0.00445EPSS
Exploits1Affected Software2
CVE
CVE
added 2026/06/18 2:31 p.m.29 views

CVE-2025-58175

CVE-2025-58175 affects GeoServer prior to 2.26.4 and 2.27.3. When GeoServer is configured to use a proxy base URL and ENTITY_RESOLUTION_ALLOWLIST, an unauthenticated Server-Side Request Forgery (SSRF) can be triggered. The issue only affects installations where the proxy base URL lacks a URL path...

8.2CVSS5.3AI score0.00287EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/06/18 2:31 p.m.3 views

CVE-2025-58175 GeoServer has a Server-Side Request Forgery (SSRF) Vulnerability in its XML Entity Resolution

GeoServer is an open source server that allows users to share and edit geospatial data. Prior to versions 2.26.4 and 2.27.3, a GeoServer that uses ENTITYRESOLUTIONALLOWLIST may allow attacker to perform unauthenticated Server-Side Request Forgery SSRF. This vulnerability requires that GeoServer i...

6.5CVSS5.9AI score0.00287EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.18 views

VMware Spring REST Docs 代码问题漏洞

VMware Spring REST Docs is a REST API documentation generation framework developed by VMware, Inc. There are code-related vulnerabilities in VMware Spring REST Docs. These vulnerabilities arise when using spring-restdocs-webtestclient or spring-restdocs-restassistant to record remote APIs accesse...

5.9CVSS5.5AI score0.00223EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 3:51 p.m.42 views

CVE-2026-45771 Freeswitch Denial-of-Service in SIP PUBLISH Requests via XML Entity Expansion

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.0, FreeSWITCH's bundled XML parser expands nested declarations without a depth or count boun...

7.5CVSS0.00343EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/09 3:51 p.m.10 views

CVE-2026-45771 Freeswitch Denial-of-Service in SIP PUBLISH Requests via XML Entity Expansion

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.0, FreeSWITCH's bundled XML parser expands nested declarations without a depth or count boun...

7.5CVSS5.4AI score0.00343EPSS
Exploits0References2
CVE
CVE
added 2026/06/09 3:51 p.m.37 views

CVE-2026-45771

FreeSWITCH (before version 1.11.0) is vulnerable to a Denial-of-Service via its bundled XML parser, which expands nested declarations without a bound, allowing an unauthenticated attacker to drive unbounded CPU/memory usage by sending a crafted SIP PUBLISH PIDF body. The issue arises because the...

7.5CVSS5.4AI score0.00343EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/09 3:51 p.m.5 views

CVE-2026-45771 Freeswitch Denial-of-Service in SIP PUBLISH Requests via XML Entity Expansion

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.0, FreeSWITCH's bundled XML parser expands nested declarations without a depth or count boun...

7.5CVSS5.9AI score0.00343EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/27 9:11 a.m.13 views

Security Bulletin: Multiple security vulnerabilities are addressed with Cloud Pak foundational services 4.17.0 shipped with IBM Cloud Pak for Business Automation iFixes for April 2026

Summary IBM Cloud Pak for Business Automation includes IBM Cloud Pak foundational services. IBM Cloud Pak for Business Automation April 2026 security fixes update this dependency beyond 4.17.0 to address security vulnerabilities. Vulnerability Details CVEID:CVE-2022-23990 DESCRIPTION: Expat aka...

9.1CVSS7.2AI score0.03992EPSS
Exploits7Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/22 10:36 p.m.18 views

Security Bulletin: IBM Cognos Analytics Mobile is affected by multiple security vulnerabilties

Summary IBM Cognos Analytics Mobile is affected by multiple security vulnerabilities. These have been addressed in IBM Cognos Analytics Mobile 1.1.26. Vulnerability Details CVEID:CVE-2026-26278 DESCRIPTION: fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS...

9.8CVSS7.2AI score0.62378EPSS
Exploits11Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.9 views

Unity Linux 20.1070e Security Update: quartz (UTSA-2026-016722)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016722 advisory. initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description. Tenable has extracte...

9.8CVSS6.8AI score0.162EPSS
Exploits0References4
Snyk
Snyk
added 2026/05/20 3:35 p.m.16 views

Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

Overview Affected versions of this package are vulnerable to Improper Restriction of Recursive Entity References in DTDs 'XML Entity Expansion' via Recursive Collection-Alias Expansion "Billion Laughs". Symfony\Component\Yaml\Parser resolves YAML aliases anchor during parsing. Aliases that...

8.7CVSS5.8AI score0.00076EPSS
Exploits0References2
SUSE Linux
SUSE Linux
added 2026/05/20 7:13 a.m.10 views

Security update for cockpit

This update for cockpit fixes the following issues CVE-2026-0775: npm: loading of modules from an unsecured location can be used for local privilege escalation and arbitrary code execution in the context of a target user bsc1256521. CVE-2026-4802: remote command execution via unsanitized...

8.8CVSS7.7AI score0.01016EPSS
Exploits1References12
OSV
OSV
added 2026/05/20 7:13 a.m.5 views

SUSE-SU-2026:2019-1 Security update for cockpit

This update for cockpit fixes the following issues - CVE-2026-0775: npm: loading of modules from an unsecured location can be used for local privilege escalation and arbitrary code execution in the context of a target user bsc1256521. - CVE-2026-4802: remote command execution via unsanitized...

8CVSS7.7AI score0.01016EPSS
Exploits1References7
OSV
OSV
added 2026/05/19 8:23 a.m.6 views

SUSE-SU-2026:2005-1 Security update for cockpit

This update for cockpit fixes the following issues - CVE-2026-0775: npm: loading of modules from an unsecured location can be used for local privilege escalation and arbitrary code execution in the context of a target user bsc1256521. - CVE-2026-4802: remote command execution via unsanitized...

8CVSS7.7AI score0.01016EPSS
Exploits1References7
Rows per page
Query Builder