21 matches found
EUVD-2017-11956
Malware in sbrugna...
EUVD-2018-1829
Malware in sbrugna...
EUVD-2019-6991
Malware in sbrugna...
EUVD-2018-15667
Malware in sbrugna...
EUVD-2011-2142
Malware in sbrugna...
EUVD-2021-9484
Malicious code in bioql PyPI...
EUVD-2022-3465
Malicious code in bioql PyPI...
EUVD-2025-7216
Malicious code in bioql PyPI...
EUVD-2025-0146
Malicious code in bioql PyPI...
CVE-2019-16174
An XML injection vulnerability was found in Limesurvey before 3.17.14 that allows remote attackers to import specially crafted XML files and execute code or compromise data integrity...
CVE-2025-32138
CVE-2025-32138 (Easy Google Maps) is an authenticated XML External Entity (XXE) injection in the Easy Google Maps plugin. Affected versions include
CVE-2024-51462
IBM QRadar WinCollect Agent 10.0.0 through 10.1.12 could allow a remote attacker to inject XML data into parameter values due to improper input validation of assumed immutable data...
Magento Open Source allows XML Injection
Adobe Commerce versions 2.4.6-p1 and earlier, 2.4.5-p3 and earlier and 2.4.4-p4 and earlier are affected by a XML Injection aka Blind XPath Injection vulnerability that could lead in minor arbitrary file system read. Exploitation of this issue does not require user interaction...
GHSA-WH42-8R2W-873X Magento Open Source allows XML Injection
Adobe Commerce versions 2.4.6 and earlier, 2.4.5-p2 and earlier and 2.4.4-p3 and earlier are affected by an XML Injection vulnerability. An attacker with low privileges can trigger a specially crafted script to a security feature bypass. Exploitation of this issue does not require user interactio...
Magento Open Source allows XML Injection
Adobe Commerce versions 2.4.6 and earlier, 2.4.5-p2 and earlier and 2.4.4-p3 and earlier are affected by an XML Injection vulnerability. An attacker with low privileges can trigger a specially crafted script to a security feature bypass. Exploitation of this issue does not require user interactio...
Magento Open Source allows XML Injection
Adobe Commerce versions 2.4.4-p2 and earlier and 2.4.5-p1 and earlier are affected by an XML Injection vulnerability that could lead to arbitrary file system read. An unauthenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of thi...
Mageia: Security Advisory (MGASA-2019-0077)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-1000632
dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or...
SUSE-SU-2018:2863-1 Security update for dom4j
This update for dom4j fixes the following issues: - CVE-2018-1000632: Prevent XML injection vulnerability that allowed an attacker to tamper with XML documents bsc1105443...
Pentaho < 4.5.0 - User Console XML Injection
======================================================================== title: Pentaho User Console XML Injection Vulnerability program: Pentaho BI User Console vulnerable version: Pentaho was injected into the XML of the client's POST request. This tag defines an external entity, xxe8295c, whic...