8 matches found
PT-2025-30560 · Open Source Geospatial Foundation · Geotools
Уязвимость модудей gt-xsd-core и gt-wfs-ng библиотеки GeoTools связана с неверным ограничением XML-ссылок на внешние объекты. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, проводить XXE-атаки...
The vulnerability of the programming software for PLCs (programmable logic controllers), namely the Saia PG5 Controls Suite, arises from incorrect restrictions on XML links to external objects. This allows a malicious individual to gain unauthorized access to protected information.
The vulnerability of the programming software for PLCs programmable logic controllers, Saia PG5 Controls Suite, is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...
The vulnerability of the “Add UCS Device” function in the OpManager network monitoring software, including OpManager MSP and OpManager Plus, allows a attacker to perform an SSRF attack.
The vulnerability of the “Add UCS Device” function in OpManager’s network monitoring software, including OpManager MSP and OpManager Plus, is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability could allow a malicious actor to perform an SSRF attack...
The vulnerability of the ConnectWise Automate software for remote monitoring and management of IT assets stems from incorrect restrictions on XML links to external objects. This allows attackers to execute arbitrary code or gain unauthorized access to protected information.
The vulnerability of the software for remote monitoring and management of IT assets in ConnectWise Automate relates to incorrect restrictions on XML links to external objects. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code or gain unauthorized access to...
The vulnerability in the web interface of the BroadWorks Messaging Server allows a perpetrator to gain unauthorized access to protected information or cause service failures.
The vulnerability in the web interface of the BroadWorks Messaging Server is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information or cause service...
The vulnerability of the XML platform’s syntactic analyzer, which is designed to enhance the effectiveness of educational materials and documentation. SAP Enable Now allows unauthorized access to protected information.
The vulnerability of the XML syntax analyzer on the SAP Enable Now platform, which is designed to improve the effectiveness of educational materials and documentation, is related to errors in XML link restrictions. Exploiting this vulnerability could allow an attacker to gain unauthorized access ...
The vulnerability of the hidden content checking component in the SAP NetWeaver software integration platform allows a perpetrator to access confidential information or cause service failures.
The vulnerability of the hidden content checking component in the SAP NetWeaver software integration platform is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability can allow a malicious actor to gain access to confidential information or cause servic...
The vulnerability of the Single Sign-On implementation for management tools in VMware vCenter Server and VMware vRealize Automation arises from incorrect restrictions on XML links to external objects. This allows a malicious actor to trigger service failures or gain access to confidential information.
The vulnerability of Single Sign-On implementations for VMware vCenter Server and VMware vRealize Automation management tools is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability could allow a malicious actor to cause service failures or gain...