Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2729 matches found

CVE
CVEadded 2022/11/15 12:0 a.m.276 views

CVE-2022-45395

CVE-2022-45395 affects Jenkins CCCC Plugin 0.6 and earlier. The root cause is that its XML parser is not configured to prevent XML External Entity (XXE) attacks, which can allow an attacker to access or manipulate data in the published CCCC report via crafted XML. The connected documents confirm ...

9.8CVSS9.3AI score0.01057EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2022/11/15 12:0 a.m.28 views

CVE-2022-45396

Jenkins SourceMonitor Plugin 0.2 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

9.7AI score0.00961EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2022/11/15 12:0 a.m.7 views

CVE-2022-45395

Jenkins CCCC Plugin 0.6 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

6.7AI score0.01057EPSS
Exploits0References2
Cvelist
Cvelistadded 2022/11/15 12:0 a.m.37 views

CVE-2022-45400

Jenkins JAPEX Plugin 1.7 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

9.7AI score0.01057EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2022/11/15 12:0 a.m.4 views

CVE-2022-45386

Jenkins Violations Plugin 0.7.11 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

6.7AI score0.00262EPSS
Exploits0References2
Cvelist
Cvelistadded 2022/11/15 12:0 a.m.29 views

CVE-2022-45386

Jenkins Violations Plugin 0.7.11 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

6.1AI score0.00262EPSS
Exploits0References2
CVE
CVEadded 2022/11/15 12:0 a.m.270 views

CVE-2022-45400

Jenkins JAPEX Plugin (versions 1.7 and earlier) is vulnerable to an XML External Entity (XXE) attack because it does not configure its XML parser to prevent XXE. This is documented across multiple sources (CVE-2022-45400; GHSA-8538-25V4-25PG; NVD entry). The root cause is improper parser configur...

9.8CVSS9.4AI score0.01057EPSS
Exploits0References2Affected Software1
CVE
CVEadded 2022/11/15 12:0 a.m.271 views

CVE-2022-45386

CVE-2022-45386 affects Jenkins Violations Plugin, version 0.7.11 and earlier. The root cause is that the plugin’s XML parser does not prevent XML External Entity (XXE) attacks, enabling an attacker to influence XML input for the Report Violations step and potentially exfiltrate data or trigger se...

5.5CVSS5.8AI score0.00262EPSS
Exploits0References2Affected Software1
Fedora
Fedoraadded 2022/11/13 1:20 a.m.28 views

[SECURITY] Fedora 35 Update: mingw-expat-2.5.0-1.fc35

This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parse...

7.5CVSS7.8AI score0.02241EPSS
Exploits1
Fedora
Fedoraadded 2022/11/13 1:19 a.m.37 views

[SECURITY] Fedora 36 Update: mingw-expat-2.5.0-1.fc36

This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parse...

7.5CVSS7.8AI score0.02241EPSS
Exploits1
OpenVAS
OpenVASadded 2022/11/13 12:0 a.m.20 views

Fedora: Security Advisory for mingw-expat (FEDORA-2022-c43235716e)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS8AI score0.02241EPSS
Exploits1References2
OpenVAS
OpenVASadded 2022/11/11 12:0 a.m.19 views

Fedora: Security Advisory for mingw-expat (FEDORA-2022-dcb1d7bcb1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.1CVSS7.3AI score0.01659EPSS
Exploits0References2
Fedora
Fedoraadded 2022/11/10 10:49 p.m.34 views

[SECURITY] Fedora 37 Update: mingw-expat-2.4.9-1.fc37

This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parse...

8.1CVSS7.2AI score0.01659EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletinsadded 2022/11/08 8:7 p.m.82 views

Security Bulletin: IBM Security Guardium is affected by a jsoup vulnerability (CVE-2021-37714)

Summary IBM Security Guardium has fixed this vulnerability. Vulnerability Details CVEID:CVE-2021-37714 DESCRIPTION: jsoup is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause th...

7.5CVSS7.3AI score0.06873EPSS
Exploits0Affected Software1
OSV
OSVadded 2022/11/07 9:59 a.m.9 views

SUSE-SU-2022:3884-1 Security update for expat

This update for expat fixes the following issues: - CVE-2022-43680: Fixed use-after free caused by overeager destruction of a shared DTD in XMLExternalEntityParserCreate bsc1204708...

7.5CVSS7.6AI score0.02241EPSS
Exploits1References3
OSV
OSVadded 2022/11/04 9:16 p.m.9 views

MGASA-2022-0409 Updated expat packages fix security vulnerability

In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XMLExternalEntityParserCreate in out-of-memory situations. CVE-2022-43680...

7.5CVSS7.6AI score0.02241EPSS
Exploits1References3
OSV
OSVadded 2022/11/03 4:58 p.m.5 views

CLSA-2022-1667494718 expat: Fix of CVE-2022-43680

CVE-2022-43680: Fix overeager DTD destruction...

7.5CVSS6.7AI score0.02241EPSS
Exploits1References1
GithubExploit
GithubExploitadded 2022/10/31 1:24 p.m.827 views

Exploit for Improper Verification of Cryptographic Signature in Passport-Saml_Project Passport-Saml

Exploiting CVE-2022-39299 Signature bypass via multiple ro...

8.1CVSS8.4AI score0.03025EPSS
Exploits1
OpenVAS
OpenVASadded 2022/10/30 12:0 a.m.21 views

Fedora: Security Advisory for mingw-expat (FEDORA-2022-c22feb71ba)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.1CVSS7.3AI score0.01659EPSS
Exploits0References2
OpenVAS
OpenVASadded 2022/10/30 12:0 a.m.20 views

Fedora: Security Advisory for mingw-expat (FEDORA-2022-d93b3bd8b9)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.1CVSS7.3AI score0.01659EPSS
Exploits0References2
Rows per page
Query Builder