EUVD-2025-9727

Malicious code in bioql PyPI...

EUVD-2023-33678

Malicious code in bioql PyPI...

EUVD-2023-34259

Malicious code in bioql PyPI...

EUVD-2022-7659

Malicious code in bioql PyPI...

EUVD-2023-0466

Malicious code in bioql PyPI...

EUVD-2022-51939

Malicious code in bioql PyPI...

EUVD-2023-0615

Malicious code in bioql PyPI...

EUVD-2024-44871

Malicious code in bioql PyPI...

CVE-2025-36608

CVE-2025-36608 affects Dell SmartFabric OS10 Software prior to 10.6.0.5. The issue is an improper restriction of XML External Entity references in OS10, enabling a low-privileged, remote attacker to potentially gain unauthorized access. Impact is described as unauthorized access with Network atta...

Adobe Commerce/Magento Open Source Multiple Vulnerabilities (APSB24-40)

The version of Adobe Commerce/Magento Open Source installed on the remote host falls within one of the following ranges 2.4.7 2.4.7-p1 Adobe Commerce / 2.4.6 2.4.6-p6 Adobe Commerce / 2.4.5 2.4.5-p8 Adobe Commerce / 2.4.4 2.4.4-p9 Adobe Commerce / 2.4.3 2.4.3-ext-8 Adobe Commerce / 2.4.2...

PT-2025-30299 · Dell · Dell Appsync

Name of the Vulnerable Software and Affected Versions: Dell AppSync version 4.6.0.0 Description: Dell AppSync version 4.6.0.0 contains an Improper Restriction of XML External Entity Reference issue. A low privileged attacker with local access could potentially exploit this issue, leading to...

CVE-2025-7824 Jinher OA XmlHttp.aspx xml external entity reference

A vulnerability was found in Jinher OA 1.1. It has been rated as problematic. This issue affects some unknown processing of the file XmlHttp.aspx. The manipulation leads to xml external entity reference. The attack may be initiated remotely. The exploit has been disclosed to the public and may be...

PT-2025-30138 · Jinher Oa · Jinher Oa

Name of the Vulnerable Software and Affected Versions: Jinher OA version 1.1 Description: A vulnerability exists in the processing of the XmlHttp.aspx file, leading to XML external entity reference XXE. This issue can be exploited remotely. The exploit has been publicly disclosed. Recommendations...

PT-2025-30137 · Jinher Oa · Jinher Oa

Name of the Vulnerable Software and Affected Versions: Jinher OA version 1.2 Description: A vulnerability exists in Jinher OA 1.2 related to xml external entity reference within the ProjectScheduleDelete.aspx file. This issue can be exploited remotely. The exploit has been publicly disclosed...

Adobe ColdFusion < 2021.x < 2021u21 / 2023.x < 2023u15 / 2025.x < 2025u3 Multiple Vulnerabilities (APSB25-69)

The version of Adobe ColdFusion installed on the remote Windows host is prior to 2021.x update 21, 2023.x update 15, or 2025.x update 3. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB25-69 advisory. - ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are...

CVE-2025-49544

The CVE-2025-49544 entry concerns Adobe ColdFusion. Affected versions include 2025.2, 2023.14, 2021.20 and earlier. The root cause is an Improper Restriction of XML External Entity Reference (XXE), potentially leading to a security feature bypass. Impact described: a high-privileged attacker coul...

CVE-2025-5877

A vulnerability, which was classified as problematic, has been found in Fengoffice Feng Office 3.2.2.1. Affected by this issue is some unknown functionality of the file /application/models/ApplicationDataObject.class.php of the component Document Upload Handler. The manipulation leads to xml...

CVE-2024-4184

Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below...

CVE-2024-12298

We found a vulnerability Improper Restriction of XML External Entity Reference CWE-611 in NB-series NX-Designer. Attackers may be able to abuse this vulnerability to disclose confidential data on a computer...

CVE-2023-2806

A vulnerability classified as problematic was found in Weaver e-cology up to 9.0. Affected by this vulnerability is the function RequestInfoByXml of the component API. The manipulation leads to xml external entity reference. The associated identifier of this vulnerability is VDB-229411. NOTE: The...