CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2725 matches found

OpenVAS•added 2020/05/26 12:0 a.m.•44 views

Huawei Products Multiple DoS Vulnerabilities (huawei-sa-20171201-01-xml)

Multiple Huawei products are prone to multiple denial of service vulnerabilities in the XML parser. This VT has been deprecated as a duplicate of the VT SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

4.7CVSS5AI score0.00494EPSS

Exploits0References1

Amazon•added 2020/05/13 12:0 a.m.•76 views

Medium: expat

Issue Overview: Buffer overflow in the XML parser in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code by providing a large amount of compressed XML data, a related issue to CVE-2015-1283. CVE-2015-2716 Affecte...

7.5CVSS9.1AI score0.19069EPSS

Exploits0

CNVD•added 2020/05/07 12:0 a.m.•4 views

Cisco Firepower Device Manager On-Box software Buffer Overflow Vulnerability

Cisco Firepower Device Manager FDM is a firewall device manager from Cisco USA. The product supports access rule configuration, system monitoring, etc. Cisco Firepower Device Manager On-Box software is one of the built-in software. A buffer overflow vulnerability exists in the XML parser code in...

6.8CVSS7.5AI score0.01216EPSS

Exploits0References1

OSV•added 2020/05/06 5:15 p.m.•3 views

CVE-2020-3310

A vulnerability in the XML parser code of Cisco Firepower Device Manager On-Box software could allow an authenticated, remote attacker to cause an affected system to become unstable or reload. The vulnerability is due to insufficient hardening of the XML parser configuration. An attacker could...

4.9CVSS6.1AI score

Exploits0References1

NVD•added 2020/05/06 5:15 p.m.•18 views

CVE-2020-3310

6.8CVSS5.2AI score0.01216EPSS

Exploits0References1

Prion•added 2020/05/06 5:15 p.m.•13 views

Design/Logic Flaw

6.8CVSS5.2AI score0.01216EPSS

Exploits0References1Affected Software1

CVE•added 2020/05/06 4:40 p.m.•54 views

CVE-2020-3310

CVE-2020-3310 relates to Cisco Firepower Device Manager On-Box software where an XML parser in the On-Box component can be overwhelmed by a crafted XML file. An authenticated attacker (with admin rights or SSL VPN access) could cause the XML parser to crash, leading to system instability, memory ...

6.8CVSS5.2AI score0.01216EPSS

Exploits0References1Affected Software1

NVD•added 2020/04/16 7:15 p.m.•17 views

CVE-2020-2178

Jenkins Parasoft Findings Plugin 10.4.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

7.1CVSS6.9AI score0.00877EPSS

Exploits0References2

OSV•added 2020/04/16 7:15 p.m.•11 views

CVE-2020-2178

Jenkins Parasoft Findings Plugin 10.4.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

7.1CVSS6.7AI score

Exploits0References2

CVE•added 2020/04/16 1:35 p.m.•77 views

CVE-2020-2178

What’s affected: Jenkins Parasoft Findings Plugin (versions 10.4.3 and earlier) used in Jenkins. Root cause: The plugin’s XML parser is not configured to disable XML external entities (XXE) attacks. Impact: An attacker who can control input to the Parasoft Findings parser could cause the parser t...

7.1CVSS6.8AI score0.00877EPSS

Exploits0References2Affected Software1

Cvelist•added 2020/04/16 1:35 p.m.•16 views

CVE-2020-2178

Jenkins Parasoft Findings Plugin 10.4.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

6.9AI score0.00877EPSS

Exploits0References2

AlpineLinux•added 2020/04/16 1:35 p.m.•24 views

CVE-2020-2178

Jenkins Parasoft Findings Plugin 10.4.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

7.1CVSS3.9AI score0.00877EPSS

Exploits0References2

NVD•added 2020/04/07 1:15 p.m.•24 views

CVE-2020-2172

Jenkins Code Coverage API Plugin 1.1.4 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

6.5CVSS6.6AI score0.01067EPSS

Exploits0References2

Prion•added 2020/04/07 1:15 p.m.•23 views

Xxe

Jenkins Code Coverage API Plugin 1.1.4 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

4CVSS6.5AI score0.01067EPSS

Exploits0References2Affected Software1

Cvelist•added 2020/04/07 12:25 p.m.•31 views

CVE-2020-2172

Jenkins Code Coverage API Plugin 1.1.4 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

6.5AI score0.01067EPSS

Exploits0References2

RedhatCVE•added 2020/03/31 7:37 a.m.•26 views

CVE-2020-2138

Jenkins Cobertura Plugin 1.15 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

7.1CVSS4.3AI score0.00926EPSS

Exploits0References4

NVD•added 2020/03/25 5:15 p.m.•29 views

CVE-2020-2171

Jenkins RapidDeploy Plugin 4.2 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

8.8CVSS8.7AI score0.0115EPSS

Exploits0References2

OSV•added 2020/03/25 5:15 p.m.•8 views

CVE-2020-2171

Jenkins RapidDeploy Plugin 4.2 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

8.8CVSS6.7AI score

Exploits0References2

CVE•added 2020/03/25 4:5 p.m.•73 views

CVE-2020-2171

CVE-2020-2171 affects the Jenkins RapidDeploy Plugin (versions 4.2 and earlier). The root cause is a configured XML parser that does not disable XML external entity (XXE) processing, enabling an attacker to craft input files that may lead to secret extraction, server-side impacts, or DoS through ...

8.8CVSS8.6AI score0.0115EPSS

Exploits0References2Affected Software1

Cvelist•added 2020/03/25 4:5 p.m.•30 views

CVE-2020-2171

Jenkins RapidDeploy Plugin 4.2 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

8.7AI score0.0115EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by