9 matches found
EUVD-2022-4074
Malicious code in bioql PyPI...
CVE-2022-42301
An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to an XML External Entity (XXE) injection attack through the nbars process...
USN-6769-1: Spreadsheet::ParseXLSX vulnerabilities
Le Dinh Hai discovered that Spreadsheet::ParseXLSX did not properly manage memory during cell merge operations. An attacker could possibly use this issue to consume large amounts of memory, resulting in a denial of service condition. (CVE-2024-22368) An Pham discovered that Spreadsheet::ParseXLSX...
Ubuntu 18.04 LTS : Yaws vulnerabilities (USN-4569-1)
The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4569-1 advisory. It was discovered that Yaws did not properly sanitize XML input. A remote attacker could use this vulnerability to execute an XML External Entity (XXE)...
XML External Entity (XXE) To Read Files
RESTEasy before 2.3.1 allows remote attackers to read arbitrary files via an external entity reference in a DOM document, aka an XML external entity (XXE) injection attack...
Google AdWords API PHP Client Library 6.2.0 XXE Injection Vulnerability
Google AdWords API PHP client library versions 6.2.0 and below suffer from an XML eXternal Entity injection vulnerability. Release date: 06.11.2015. Discovered by: Dawid Golunski. Severity: Medium/High...
CVE-2012-4399
The Xml class in CakePHP 2.1.x before 2.1.5 and 2.2.x before 2.2.1 allows remote attackers to read arbitrary files via XML data containing external entity references, aka an XML external entity (XXE) injection attack...
FreeBSD Ports: phpMyAdmin
The remote host is missing an update to the system as announced in the referenced advisory. VID 1f6ee708-0d22-11e1-b5bd-14dae938ec40 OpenVAS Vulnerability Test $ Description: Auto generated from VID 1f6ee708-0d22-11e1-b5bd-14dae938ec40 Authors: Thomas Reinke Copyright: Copyright (c) 2012 E-Soft Inc...
CVE-2011-4107
The simplexml_load_string function in the XML import plug-in libraries/import/xml.php in phpMyAdmin 3.4.x before 3.4.7.1 and 3.3.x before 3.3.10.5 allows remote authenticated users to read arbitrary files via XML data containing external entity references, aka an XML external entity (XXE) injection...