
11 matches found

EUVD
added 2025/10/07 12:30 a.m. · 1 view

EUVD-2020-0127

Malware in sbrugna...

CVSS 9.8 · AI score 9.2 · EPSS 0.01877
Exploits: 0 · References: 14
RedhatCVE
added 2025/05/22 3:29 p.m. · 4 views

CVE-2020-29128

petl before 1.68, in some configurations, allows resolution of entities in an XML document...

CVSS 9.8 · AI score 6.8 · EPSS 0.01877
Exploits: 0
Positive Technologies
added 2023/03/07 12:0 a.m. · 2 views

PT-2023-21153 · Xml.Etree +2

Name of the Vulnerable Software and Affected Versions: OWSLib versions prior to 0.28.1 Description: The XML parser in OWSLib does not disable entity resolution, which could lead to arbitrary file reads from an attacker-controlled XML payload. This issue affects all XML parsing in the codebase. Th...

CVSS 8.8 · AI score 7.6 · EPSS 0.00168
Exploits: 0 · References: 30
Prion
added 2021/07/09 2:15 p.m. · 20 views

Design/Logic Flaw

The API /vsaWS/KaseyaWS.asmx can be used to submit XML to the system. When this XML is processed external entities are insecurely processed and fetched by the system and returned to the attacker. Detailed description Given the following request: POST /vsaWS/KaseyaWS.asmx HTTP/1.1 Content-Type:...

CVSS 5 · AI score 7.4 · EPSS 0.00329
Exploits: 1 · References: 4 · Affected Software: 1
CVE
added 2021/07/09 1:25 p.m. · 62 views

CVE-2021-30201

CVE-2021-30201 affects Kaseya VSA (on‑premises/server side) where the API /vsaWS/KaseyaWS.asmx processes XML with external entities. The vulnerability arises from insecure handling of XML external entities, allowing an attacker to cause the server to read local files (e.g., c:\kaseya\kserver\kser...

CVSS 7.5 · AI score 7.5 · EPSS 0.00329
Exploits: 1 · References: 4 · Affected Software: 1
OSV
added 2020/11/26 5:15 a.m. · 15 views

PYSEC-2020-75

petl before 1.68, in some configurations, allows resolution of entities in an XML document...

CVSS 9.8 · AI score 2.6 · EPSS 0.01877
Exploits: 0 · References: 8
Prion
added 2020/11/26 5:15 a.m. · 14 views

Design/Logic Flaw

petl before 1.68, in some configurations, allows resolution of entities in an XML document...

CVSS 6.8 · AI score 9.4 · EPSS 0.01877
Exploits: 0 · References: 7 · Affected Software: 1
Cvelist
added 2020/11/26 5:1 a.m. · 14 views

CVE-2020-29128

petl before 1.68, in some configurations, allows resolution of entities in an XML document...

AI score 9.5 · EPSS 0.01877
Exploits: 0 · References: 7
appercut
added 2016/06/29 12:0 a.m. · 546 views

Enonic XP: source code security analysis report

Several vulnerabilities were discovered in Enonic AS 'Enonic XP' software: User data leakage between sessions; Use of XSL transformation to execute arbitrary code; Missing digital signature verification for executable files obtained from untrusted sources; HttpOnly...

AI score 7.4
Exploits: 0 · References: 1 · Affected Software: 1
appercut
added 2016/06/01 12:0 a.m. · 671 views

LogicalDoc Document Managment System CE: source code security analysis report

Several vulnerabilities were discovered in LogicalDOC 'LogicalDoc Document Managment System CE' software: User data leakage between sessions; Use of XSL transformation to execute arbitrary code; Missing digital signature verification for executable files obtained from...

AI score 8.1
Exploits: 0 · References: 1 · Affected Software: 1
appercut
added 2016/05/13 12:0 a.m. · 530 views

Allfresco Community Edition: source code security analysis report

Several vulnerabilities were discovered in Alfresco Software 'Allfresco Community Edition' software: User data leakage between sessions; Use of XSL transformation to execute arbitrary code; Use of the finalize method; Missing digital signature verification for executable...

AI score 0.6
Exploits: 0 · References: 1 · Affected Software: 1