2720 matches found
CVE-2023-40507
LG Simple Editor copyContent XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific...
CVE-2023-40506
LG Simple Editor copyContent XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific...
CVE-2023-39472
Inductive Automation Ignition SimpleXMLReader XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Inductive Automation Ignition. Authentication is required to exploit this...
CVE-2023-51605 Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Honeywell Saia PG5 Controls Suite. User interaction is required to exploit this...
CVE-2023-51605 Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Honeywell Saia PG5 Controls Suite. User interaction is required to exploit this...
CVE-2023-51605
CVE-2023-51605 affects Honeywell Saia PG5 Controls Suite. The flaw is an XML External Entity (XXE) processing vulnerability in XML parsing that can disclose sensitive information to an attacker. Exploitation requires user interaction (visiting a malicious page or opening a malicious file); the at...
CVE-2023-51601 Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Honeywell Saia PG5 Controls Suite. User interaction is required to exploit this...
CVE-2023-51600 Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Honeywell Saia PG5 Controls Suite. User interaction is required to exploit this...
CVE-2023-51600 Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability
Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Honeywell Saia PG5 Controls Suite. User interaction is required to exploit this...
CVE-2023-44412 D-Link D-View addDv7Probe XML External Entity Processing Information Disclosure Vulnerability
D-Link D-View addDv7Probe XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerability. The specific flaw...
CVE-2023-44412 D-Link D-View addDv7Probe XML External Entity Processing Information Disclosure Vulnerability
D-Link D-View addDv7Probe XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerability. The specific flaw...
CVE-2023-42035
Summary: CVE-2023-42035 affects Visualware MyConnection Server, arising from the doIForward method and improper restriction of XML External Entity (XXE) references. A crafted XML document can cause the parser to retrieve a URI and embed its contents back into the XML, leading to information discl...
CVE-2023-40507 LG Simple Editor copyContent XML External Entity Processing Information Disclosure Vulnerability
LG Simple Editor copyContent XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific...
CVE-2023-40507
The provided sources confirm a concrete vulnerability in LG Simple Editor: an XML External Entity (XXE) handling flaw in the copyContent command. A crafted document with a URI causes the XML parser to fetch the URI and embed its contents back into the XML, allowing a remote attacker to disclose i...
CVE-2023-40506 LG Simple Editor copyContent XML External Entity Processing Information Disclosure Vulnerability
LG Simple Editor copyContent XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific...
CVE-2023-40506
LG Simple Editor is affected by a XXE-based information disclosure in the copyContent command. The flaw arises from improper restriction of XML External Entity references, allowing a crafted document to cause the XML parser to fetch a URI and embed its contents back into the document (SYSTEM cont...
CVE-2023-40503
CVE-2023-40503 concerns LG Simple Editor. The flaw is in the saveXmlFile method, where improper restriction of XML External Entity (XXE) references allows a crafted document to cause the XML parser to fetch a URI and embed its contents back into the XML, enabling information disclosure in the SYS...
CVE-2023-39472
CVE-2023-39472 — Inductive Automation Ignition is affected through the SimpleXMLReader’s XML External Entity (XXE) handling, where a crafted XML can trigger the parser to fetch a URI and embed its contents, enabling information disclosure in the SYSTEM context. Exploitation requires authenticatio...
CVE-2023-39472 Inductive Automation Ignition SimpleXMLReader XML External Entity Processing Information Disclosure Vulnerability
Inductive Automation Ignition SimpleXMLReader XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Inductive Automation Ignition. Authentication is required to exploit this...
CVE-2023-39472 Inductive Automation Ignition SimpleXMLReader XML External Entity Processing Information Disclosure Vulnerability
Inductive Automation Ignition SimpleXMLReader XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Inductive Automation Ignition. Authentication is required to exploit this...