CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

60 matches found

CNNVD•added 2026/06/11 12:0 a.m.•12 views

VMware Spring Web Services 代码问题漏洞

VMware Spring Web Services is a SOAP Web services development framework provided by the American company VMware. There are code vulnerabilities in versions 5.0.0 to 5.0.1, 4.1.0 to 4.1.3, 4.0.0 to 4.0.18, and 3.1.0 to 3.1.8 of VMware Spring Web Services. These vulnerabilities stem from the defaul...

8.2CVSS5.5AI score0.00352EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 12:36 p.m.•4 views

CVE-2023-49656

Jenkins MATLAB Plugin 2.11.0 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

9.8CVSS6.7AI score0.00844EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•11 views

EUVD-2016-0027

Malware in sbrugna...

8.8CVSS8.3AI score0.02354EPSS

Exploits0References17

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2022-3031

Malicious code in bioql PyPI...

8.1CVSS8AI score0.00969EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•6 views

EUVD-2022-4694

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00818EPSS

Exploits0References5

RedhatCVE•added 2025/07/24 10:30 p.m.•7 views

CVE-2025-7766

Lantronix Provisioning Manager is vulnerable to XML external entity attacks in configuration files supplied by network devices, leading to unauthenticated remote code execution on hosts with Provisioning Manager installed...

8.6CVSS8.3AI score0.01667EPSS

Exploits2References1

NVD•added 2025/07/22 10:15 p.m.•9 views

CVE-2025-7766

8.6CVSS0.01667EPSS

Exploits2References2

RedhatCVE•added 2025/05/23 3:37 a.m.•6 views

CVE-2023-28683

Jenkins Phabricator Differential Plugin 2.1.5 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

8.2CVSS6.7AI score0.00569EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 12:17 a.m.•7 views

CVE-2022-45400

Jenkins JAPEX Plugin 1.7 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

9.8CVSS6.7AI score0.01057EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 11:3 p.m.•16 views

CVE-2022-34793

Jenkins Recipe Plugin 1.2 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

8.8CVSS6.7AI score0.00797EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 6:19 p.m.•6 views

CVE-2021-21656

Jenkins Xcode integration Plugin 2.0.14 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

7.1CVSS6.7AI score0.01511EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 5:42 p.m.•12 views

CVE-2020-5602

Mitsubishi Electoric FA Engineering Software CPU Module Logging Configuration Tool Ver. 1.94Y and earlier, CW Configurator Ver. 1.010L and earlier, EM Software Development Kit EM Configurator Ver. 1.010L and earlier, GT Designer3 GOT2000 Ver. 1.221F and earlier, GX LogViewer Ver. 1.96A and earlie...

7.5CVSS6.8AI score0.01431EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:30 p.m.•14 views

CVE-2020-2315

Jenkins Visualworks Store Plugin 1.1.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

6.5CVSS6.7AI score0.01076EPSS

Exploits0

RedhatCVE•added 2025/05/22 4:8 p.m.•6 views

CVE-2020-2092

Jenkins Robot Framework Plugin 2.0.0 and earlier does not configure its XML parser to prevent XML external entity XXE attacks, allowing users with Job/Configure to have Jenkins parse crafted XML documents...

8.8CVSS6.7AI score0.01382EPSS

Exploits0

CVE•added 2025/04/16 10:32 p.m.•64 views

CVE-2025-24910

Hitachi Vantara Pentaho Business Analytics Server prior to 10.2.0.2 (including 9.3.x and 8.3.x) is affected by an XML External Entity (XXE) vulnerability in MessageSourceCrawler. The issue allows an attacker to cause the application to read local files via a file:// entity, and can also trigger o...

4.9CVSS4.9AI score0.00336EPSS

Exploits0References1

Tenable Nessus•added 2025/03/04 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2016-9318

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier and other products, does not offer a flag directly indicating that the current document may be...

5.5CVSS7AI score0.02938EPSS

Exploits1References2

RedhatCVE•added 2025/02/05 10:7 a.m.•7 views

CVE-2024-3572

The scrapy/scrapy project is vulnerable to XML External Entity XXE attacks due to the use of lxml.etree.fromstring for parsing untrusted XML data without proper validation. This vulnerability allows attackers to perform denial of service attacks, access local files, generate network connections, ...

7.5CVSS6.5AI score0.00807EPSS

Exploits1

Tenable Nessus•added 2025/01/17 12:0 a.m.•10 views

Ubuntu 24.10 : libxml2 vulnerability (USN-7215-1)

The remote Ubuntu 24.10 host has packages installed that are affected by a vulnerability as referenced in the USN-7215-1 advisory. Xisco Fauli discovered that libxml2 incorrectly handled custom SAX handlers. A remote attacker could possibly use this issue to perform XML External Entity XXE attack...

9.1CVSS7.1AI score0.01172EPSS

Exploits0References2

Tenable Nessus•added 2024/05/11 12:0 a.m.•20 views

RHEL 6 : pki-core (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - pki-core: Mishandled ACL configuration in AAclAuthz.java reverses rules that allow and deny access...

7.6AI score0.85323EPSS

Exploits4References6

OSV•added 2024/04/16 12:15 a.m.•26 views

CVE-2024-3572

7.5CVSS6.7AI score

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by