Lucene search
+L

7706 matches found

CVE
CVE
added 2013/10/24 12:0 a.m.83 views

CVE-2013-6244

The CVE-2013-6244 issue affects SAP NetWeaver 7.31 and earlier, in the Live Update webdynpro application (webdynpro/dispatcher/sap.com/tc~slm~ui_lup/LUP). The root cause is an XML External Entity (XXE) vulnerability where an XML document containing an external entity declaration and an entity ref...

5CVSS7AI score0.0163EPSS
Exploits0References6Affected Software1
Packet Storm
Packet Storm
added 2013/10/22 12:0 a.m.50 views

Apache Shindig 2.5.0 XXE Injection

CVE-2013-4295: XXE vulnerability In Apache Shindig 2.5.0 PHP Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Shindig PHP 2.5.0 Description: The gadget renderer in the PHP version of Apache Shindig is subject to an XML External Entity XXE Injection attack. The...

5CVSS0.12169EPSS
Exploits1
exploitpack
exploitpack
added 2013/10/21 12:0 a.m.7 views

Apache Shindig - XML External Entity Information Disclosure

Apache Shindig - XML External Entity Information Disclosure source: https://www.securityfocus.com/bid/63260/info Apache Shindig is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. Apache...

7.2AI score
Exploits0
Prion
Prion
added 2013/10/13 10:20 a.m.18 views

Xxe

Invensys Wonderware InTouch HMI 2012 R2 and earlier allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service CPU and memory consumption via an XML document containing an external entity declaration in conjunction with an entity referenc...

6.9CVSS7.4AI score0.00628EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2013/10/10 12:55 a.m.8 views

CVE-2013-1881

GNOME libsvg before 2.39.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue...

6.4AI score
Exploits0References9
NVD
NVD
added 2013/10/10 12:55 a.m.10 views

CVE-2013-1881

GNOME libsvg before 2.39.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue...

4.3CVSS6.4AI score0.03197EPSS
Exploits0References9
OSV
OSV
added 2013/10/10 12:55 a.m.1 views

DEBIAN-CVE-2013-1881

GNOME libsvg before 2.39.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue...

4.3CVSS6.7AI score0.03197EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2013/10/09 12:0 a.m.21 views

CVE-2013-1881

GNOME libsvg before 2.39.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue...

4.3CVSS6AI score0.03197EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2013/10/03 12:0 a.m.6 views

PT-2016-35: XML External Entity Injection in Liebert SiteScan

The specialists of the Positive Research center have detected an XML External Entity Injection vulnerability in Liebert SiteScan. Vulnerability in Liebert SiteScan allows attackers to obtain sensitive information via a specially crafted XML request. How to fix Update your software up to the lates...

9.8CVSS9.4AI score0.03521EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2013/09/30 8:30 p.m.5 views

php: Ability to read arbitrary files due use of external entities while parsing SOAP WSDL files

The SOAP parser in PHP before 5.3.23 and 5.4.x before 5.4.13 allows remote attackers to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue in the soapxmlParseFile and...

5CVSS7.4AI score0.10136EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2013/09/27 12:0 a.m.34 views

Cisco Prime Data Center Network Manager < 6.2(1) Multiple Vulnerabilities (credentialed check)

According to its self-reported version number, the version of Cisco Prime Data Center Network Manager DCNM installed on the remote host is affected by multiple vulnerabilities : - Multiple remote command execution vulnerabilities exist in the DCNM-SAN Server component. CVE-2013-5486 - An...

10CVSS8.7AI score0.75962EPSS
Exploits6References7
Tenable Nessus
Tenable Nessus
added 2013/09/27 12:0 a.m.44 views

Cisco Prime Data Center Network Manager < 6.2(1) Multiple Vulnerabilities (uncredentialed check)

According to its self-reported version number, the version of Cisco Prime Data Center Network Manager DCNM installed on the remote host is affected by multiple vulnerabilities : - Multiple remote command execution vulnerabilities exist in the DCNM-SAN Server component. CVE-2013-5486 - An...

10CVSS8.7AI score0.75962EPSS
Exploits6References7
NVD
NVD
added 2013/09/23 10:18 a.m.16 views

CVE-2013-5490

Cisco Prime Data Center Network Manager DCNM before 6.21 allows remote attackers to read arbitrary text files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue, aka Bug ID CSCud80148...

7.8CVSS6.7AI score0.01707EPSS
Exploits0References3
CISA
CISA
added 2013/09/22 12:0 a.m.13 views

Cisco Releases Security Advisory for Cisco Prime Data Center Network Manager (DCNM)

Cisco has released three security advisories to address multiple vulnerabilities affecting various components of Cisco Prime Data Center Network Manager DCNM. These vulnerabilities may allow an unauthenticated, remote attacker to disclose file components and access text files on an affected devic...

7.6AI score
Exploits0References4
NVD
NVD
added 2013/09/16 1:2 p.m.22 views

CVE-2013-1824

The SOAP parser in PHP before 5.3.22 and 5.4.x before 5.4.12 allows remote attackers to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue in the soapxmlParseFile and...

4.3CVSS6.5AI score0.04314EPSS
Exploits1References6
UbuntuCve
UbuntuCve
added 2013/09/16 1:2 p.m.39 views

CVE-2013-1824

The SOAP parser in PHP before 5.3.22 and 5.4.x before 5.4.12 allows remote attackers to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue in the soapxmlParseFile and...

4.3CVSS7.2AI score0.04314EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2013/09/16 3:7 a.m.35 views

Moderate: Red Hat Security Advisory: Red Hat Storage Console 2.1 security update

Updated Red Hat Storage Console packages that fix one security issue, various bugs, and add enhancements are now available for Red Hat Storage Server 2.1. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base...

5CVSS7.3AI score0.03213EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2013/09/16 3:7 a.m.7 views

RESTEasy: XML eXternal Entity (XXE) flaw

RESTEasy before 2.3.1 allows remote attackers to read arbitrary files via an external entity reference in a DOM document, aka an XML external entity XXE injection attack...

5CVSS7.5AI score0.03213EPSS
Exploits0References4
Cvelist
Cvelist
added 2013/09/16 1:0 a.m.46 views

CVE-2013-1824

The SOAP parser in PHP before 5.3.22 and 5.4.x before 5.4.12 allows remote attackers to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue in the soapxmlParseFile and...

5.7AI score0.04314EPSS
Exploits1References6
CVE
CVE
added 2013/09/16 1:0 a.m.179 views

CVE-2013-1824

CVE-2013-1824 affects PHP’s SOAP parser: PHP before 5.3.22 and 5.4.x before 5.4.12 allows remote attackers to read arbitrary files via a SOAP WSDL containing an XML external entity declaration with an entity reference (XXE) in soap_xmlParseFile/soap_xmlParseMemory. The MiracleLinux advisory notes...

4.3CVSS5.6AI score0.04314EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder