EUVD-2023-46591

Malicious code in bioql PyPI...

CVE-2023-42132

FD Application Apr. 2022 Edition Version 9.01 and earlier improperly restricts XML external entity references XXE. By processing a specially crafted XML file, arbitrary files on the system may be read by an attacker...

Xxe

Electronic Deliverables Creation Support Tool Construction Edition prior to Ver1.0.4 and Electronic Deliverables Creation Support Tool Design & Survey Edition prior to Ver1.0.4 improperly restrict XML external entity references XXE. By processing a specially crafted XML file, arbitrary files on t...

CVE-2024-22380

Electronic Delivery Check System Ministry of Agriculture, Forestry and Fisheries The Agriculture and Rural Development Project Version March, Heisei 31 era edition Ver.14.0.001.002 and earlier improperly restricts XML external entity references XXE. By processing a specially crafted XML file,...

CVE-2024-22380

Electronic Delivery Check System Ministry of Agriculture, Forestry and Fisheries The Agriculture and Rural Development Project Version March, Heisei 31 era edition Ver.14.0.001.002 and earlier improperly restricts XML external entity references XXE. By processing a specially crafted XML file,...

JVN#01434915: Improper restriction of XML external entity references (XXE) in "Electronic Delivery Check System (Ministry of Agriculture, Forestry and Fisheries The Agriculture and Rural Development Project Version)"

"Electronic Delivery Check System Ministry of Agriculture, Forestry and Fisheries The Agriculture and Rural Development Project Version" provided by Ministry of Agriculture, Forestry and Fisheries improperly restricts XML external entity references XXE CWE-611. Impact Processing a specially craft...

JVN#40049211: Improper restriction of XML external entity references (XXE) in Electronic Deliverables Creation Support Tool provided by Ministry of Defense

Electronic Deliverables Creation Support Tool provided by Ministry of Defense improperly restricts XML external entity references XXE CWE-611. Impact Processing a specially crafted XML file may lead to exposure of internal files on the system. Solution Update the Software Update the software to t...

CVE-2023-46802

e-Tax software Version3.0.10 and earlier improperly restricts XML external entity references XXE due to the configuration of the embedded XML parser. By processing a specially crafted XML file, arbitrary files on the system may be read by an attacker...

JVN#37857022: Improper restriction of XML external entity references (XXE) in Applicant Programme

Applicant Programme provided by The Ministry of Justice improperly restricts XML external entity references XXE CWE-611. Impact By processing a specially crafted XML file, arbitrary files on the system may be read by an attacker. Solution Update the Software Update the software to the latest...

CVE-2022-0217

It was discovered that an internal Prosody library to load XML based on libexpat does not properly restrict the XML features allowed in parsed XML data. Given suitable attacker input, this results in expansion of recursive entity references from DTDs CWE-776. In addition, depending on the libexpa...

CVE-2022-0217

It was discovered that an internal Prosody library to load XML based on libexpat does not properly restrict the XML features allowed in parsed XML data. Given suitable attacker input, this results in expansion of recursive entity references from DTDs CWE-776. In addition, depending on the libexpa...

CVE-2022-0217

It was discovered that an internal Prosody library to load XML based on libexpat does not properly restrict the XML features allowed in parsed XML data. Given suitable attacker input, this results in expansion of recursive entity references from DTDs CWE-776. In addition, depending on the libexpa...

Unspecified Vulnerability in Fortinet FortiPortal (CNVD-2021-84250)

Fortinet FortiPortal is an advanced, feature-rich managed security analysis and management support tool for Fortinet's FortiGate, FortiWiFi and FortiAP product lines, available as a virtual machine for MSPs. A security vulnerability exists in FortiPortal versions prior to 6.0.6, which stems from ...