5 matches found
EUVD-2022-2787
Malicious code in bioql PyPI...
EUVD-2023-1204
Malicious code in bioql PyPI...
CVE-2023-38693 RCE in Lucee REST endpoint
Lucee Server or simply Lucee is a dynamic, Java based, tag and scripting language used for rapid web application development. The Lucee REST endpoint is vulnerable to RCE via an XML XXE attack. This vulnerability is fixed in Lucee 5.4.3.2, 5.3.12.1, 5.3.7.59, 5.3.8.236, and 5.3.9.173...
CVE-2020-27148
The TIBCO EBX Add-on for Oracle Hyperion EPM, TIBCO EBX Data Exchange Add-on, and TIBCO EBX Insight Add-on components of TIBCO Software Inc.'s TIBCO EBX Add-ons contain a vulnerability that theoretically allows a low privileged attacker with network access to execute an XML External Entity XXE...
CVE-2012-6685
Nokogiri before 1.5.4 is vulnerable to XXE attacks...