2722 matches found
Apache Cayenne CayenneModeler XML External Entity Injection Vulnerability
Apache Cayenne is the United States Apache Apache Software Foundation of an open source persistence framework that provides object-relational mapping ORM and remote services . CayenneModeler is one of the graphical user interface . A security vulnerability exists in CayenneModeler in Apache Cayen...
CVE-2018-11758
This affects Apache Cayenne 4.1.M1, 3.2.M1, 4.0.M2 to 4.0.M5, 4.0.B1, 4.0.B2, 4.0.RC1, 3.1, 3.1.1, 3.1.2. CayenneModeler is a desktop GUI tool shipped with Apache Cayenne and intended for editing Cayenne ORM models stored as XML files. If an attacker tricks a user of CayenneModeler into opening a...
CVE-2018-11758
CVE-2018-11758 affects Apache Cayenne CayenneModeler (desktop GUI for Cayenne ORM). It arises from XML External Entity (XXE) processing in the embedded XML parser, allowing a malicious XML file to trigger local file transfers to an attacker-controlled host. The vulnerability is mitigated by Cayen...
Xxe
This affects Apache Cayenne 4.1.M1, 3.2.M1, 4.0.M2 to 4.0.M5, 4.0.B1, 4.0.B2, 4.0.RC1, 3.1, 3.1.1, 3.1.2. CayenneModeler is a desktop GUI tool shipped with Apache Cayenne and intended for editing Cayenne ORM models stored as XML files. If an attacker tricks a user of CayenneModeler into opening a...
CVE-2018-11758
This affects Apache Cayenne 4.1.M1, 3.2.M1, 4.0.M2 to 4.0.M5, 4.0.B1, 4.0.B2, 4.0.RC1, 3.1, 3.1.1, 3.1.2. CayenneModeler is a desktop GUI tool shipped with Apache Cayenne and intended for editing Cayenne ORM models stored as XML files. If an attacker tricks a user of CayenneModeler into opening a...
CVE-2018-1000652
JabRef version =4.3.1 contains a XML External Entity XXE vulnerability in MsBibImporter XML Parser that can result in disclosure of confidential data, denial of service, server side request forgery, port scanning. This attack appear to be exploitable via Specially crafted MsBib file. This...
CVE-2018-1000652
JabRef version =4.3.1 contains a XML External Entity XXE vulnerability in MsBibImporter XML Parser that can result in disclosure of confidential data, denial of service, server side request forgery, port scanning. This attack appear to be exploitable via Specially crafted MsBib file. This...
CVE-2018-1000651
Stroom version 5.4.5 contains a XML External Entity XXE vulnerability in XML Parser that can result in disclosure of confidential data, denial of service, server side request forgery, port scanning. This attack appear to be exploitable via Specially crafted XML file...
CVE-2018-1000644
Eclipse RDF4j version 2.4.0 Milestone 2 contains a XML External Entity XXE vulnerability in RDF4j XML parser parsing RDF files that can result in the disclosure of confidential data, denial of service, server side request forgery, port scanning. This attack appear to be exploitable via Specially...
Xxe
JabRef version =4.3.1 contains a XML External Entity XXE vulnerability in MsBibImporter XML Parser that can result in disclosure of confidential data, denial of service, server side request forgery, port scanning. This attack appear to be exploitable via Specially crafted MsBib file. This...
CVE-2018-1000652
JabRef version =4.3.1 contains a XML External Entity XXE vulnerability in MsBibImporter XML Parser that can result in disclosure of confidential data, denial of service, server side request forgery, port scanning. This attack appear to be exploitable via Specially crafted MsBib file. This...
Xxe
Eclipse RDF4j version 2.4.0 Milestone 2 contains a XML External Entity XXE vulnerability in RDF4j XML parser parsing RDF files that can result in the disclosure of confidential data, denial of service, server side request forgery, port scanning. This attack appear to be exploitable via Specially...
UBUNTU-CVE-2018-1000652
JabRef version =4.3.1 contains a XML External Entity XXE vulnerability in MsBibImporter XML Parser that can result in disclosure of confidential data, denial of service, server side request forgery, port scanning. This attack appear to be exploitable via Specially crafted MsBib file. This...
CVE-2018-1000651
CVE-2018-1000651 affects Stroom
CVE-2018-1000652
JabRef version =4.3.1 contains a XML External Entity XXE vulnerability in MsBibImporter XML Parser that can result in disclosure of confidential data, denial of service, server side request forgery, port scanning. This attack appear to be exploitable via Specially crafted MsBib file. This...
CVE-2018-1000644
Eclipse RDF4j version 2.4.0 Milestone 2 contains a XML External Entity XXE vulnerability in RDF4j XML parser parsing RDF files that can result in the disclosure of confidential data, denial of service, server side request forgery, port scanning. This attack appear to be exploitable via Specially...
CVE-2018-1000651
Stroom version 5.4.5 contains a XML External Entity XXE vulnerability in XML Parser that can result in disclosure of confidential data, denial of service, server side request forgery, port scanning. This attack appear to be exploitable via Specially crafted XML file...
CVE-2018-1000644
Known CVE-2018-1000644 affects Eclipse RDF4j
CVE-2018-1000652
JabRef version =4.3.1 contains a XML External Entity XXE vulnerability in MsBibImporter XML Parser that can result in disclosure of confidential data, denial of service, server side request forgery, port scanning. This attack appear to be exploitable via Specially crafted MsBib file. This...
CVE-2018-13417
In Vuze Bittorrent Client 5.7.6.0, the XML parsing engine for SSDP/UPnP functionality is vulnerable to an XML External Entity Processing XXE attack. Remote, unauthenticated attackers can use this vulnerability to: 1 Access arbitrary files from the filesystem with the same permission as the user...