2322 matches found
CVE-2026-27664
A vulnerability has been identified in CPCI85 Central Processing/Communication All versions V26.10, SICORE Base system All versions V26.10.0. The affected application contains an out-of-bounds write vulnerability while parsing specially crafted XML inputs. This could allow an unauthenticated...
SUSE CVE-2026-29074
SVGO, short for SVG Optimizer, is a Node.js library and command-line application for optimizing SVG files. From version 2.1.0 to before version 2.8.1, from version 3.0.0 to before version 3.3.3, and before version 4.0.1, SVGO accepts XML with custom entities, without guards against entity expansi...
CVE-2026-1567
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 An XML External Entity XXE vulnerability in IBM InfoSphere Information Server could allow attackers to retrieve sensitive information from the server...
PT-2026-21298
Name of the Vulnerable Software and Affected Versions fast-xml-parser versions 4.1.3 through 5.3.5 Description fast-xml-parser has a flaw in how it handles DOCTYPE entity names during XML parsing. Specifically, a dot . within an entity name is treated as a regex wildcard during entity replacement...
MiracleLinux 4 : rh-mariadb102-galera-25.3.29-1.AXS4, rh-mariadb102-mariadb-10.2.33-1.AXS4 (AXSA:2020-657:01)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-657:01 advisory. mysql: Server: Replication unspecified vulnerability CPU Apr 2019 CVE-2019-2614 mysql: Server: Security: Privileges unspecified vulnerability CPU Apr...
MiracleLinux 7 : libxml2-2.9.1-6.0.1.el7.AXS7.2 (AXSA:2015-924:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-924:01 advisory. This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes...
MiracleLinux 4 : librsvg2-2.26.0-6.1.1.AXS4 (AXSA:2014-042:01)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2014-042:01 advisory. An SVG library based on cairo. Security issues fixed with this release: CVE-2013-1881 GNOME libsvg before 2.39.0 allows remote attackers to read arbitrary fil...
CVE-2026-0888 Information disclosure in the XML component
Information disclosure in the XML component. This vulnerability was fixed in Firefox 147 and Thunderbird 147...
CVE-2023-49733
Improper Restriction of XML External Entity Reference vulnerability in Apache Cocoon.This issue affects Apache Cocoon: from 2.2.0 before 2.3.0. Users are recommended to upgrade to version 2.3.0, which fixes the issue...
CVE-2018-14486
DNN formerly DotNetNuke 9.1.1 allows cross-site scripting XSS via XML...
CVE-2021-41559
Silverstripe silverstripe/framework 4.8.1 has a quadratic blowup in Convert::xml2array that enables a remote attack via a crafted XML document...
CVE-2022-0861
A XML Extended entity vulnerability in McAfee Enterprise ePolicy Orchestrator ePO prior to 5.10 Update 13 allows a remote administrator attacker to upload a malicious XML file through the extension import functionality. The impact is limited to some access to confidential information and some...
CVE-2022-0671
A flaw was found in vscode-xml in versions prior to 0.19.0. Schema download could lead to blind SSRF or DoS via a large file...
Moderate: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.11 security update
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
TencentOS Server 3: php:8.0 (TSSA-2023:0257)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0257 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
EUVD-2018-5762
Malware in sbrugna...
EUVD-2019-0171
Malware in sbrugna...
EUVD-2018-5759
Malware in sbrugna...
EUVD-2012-2641
Malware in sbrugna...
EUVD-2014-3587
Malware in sbrugna...