17 matches found
EUVD-2020-17906
Malware in sbrugna...
EUVD-2020-17905
Malware in sbrugna...
CVE-2020-25216
yWorks yEd Desktop before 3.20.1 allows code execution via an XSL Transformation when using an XML file in conjunction with a custom stylesheet...
CVE-2020-25215
yWorks yEd Desktop before 3.20.1 allows XXE attacks via an XML or GraphML document...
yWorks yEd Desktop Remote Code Execution (CVE-2020-25216)
A remote code execution vulnerability exists in yWorks yEd Desktop. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVE-2020-25215
yWorks yEd Desktop before 3.20.1 allows XXE attacks via an XML or GraphML document...
CVE-2020-25216
yWorks yEd Desktop before 3.20.1 allows code execution via an XSL Transformation when using an XML file in conjunction with a custom stylesheet...
CVE-2020-25215
yWorks yEd Desktop before 3.20.1 allows XXE attacks via an XML or GraphML document...
CVE-2020-25216
yWorks yEd Desktop before 3.20.1 allows code execution via an XSL Transformation when using an XML file in conjunction with a custom stylesheet...
Design/Logic Flaw
yWorks yEd Desktop before 3.20.1 allows code execution via an XSL Transformation when using an XML file in conjunction with a custom stylesheet...
Design/Logic Flaw
yWorks yEd Desktop before 3.20.1 allows XXE attacks via an XML or GraphML document...
CVE-2020-25215
yWorks yEd Desktop before 3.20.1 allows XXE attacks via an XML or GraphML document...
PT-2020-16022 · Yworks · Yed Desktop
Name of the Vulnerable Software and Affected Versions: yWorks yEd Desktop versions prior to 3.20.1 Description: The issue allows XXE attacks via an XML or GraphML document. Recommendations: For versions prior to 3.20.1, update to version 3.20.1 or later to resolve the issue...
CVE-2020-25216
yWorks yEd Desktop before 3.20.1 is affected by a code execution vulnerability triggered by an XSL Transformation when processing an XML file with a custom stylesheet. The root cause is an XSLT processing path that allows arbitrary code execution in the context of the affected application. Affect...
CVE-2020-25216
yWorks yEd Desktop before 3.20.1 allows code execution via an XSL Transformation when using an XML file in conjunction with a custom stylesheet...
CVE-2020-25215
The CVE-2020-25215 entry affects yWorks yEd Desktop prior to version 3.20.1 and is caused by an XML External Entity (XXE) vulnerability in XML/GraphML processing. Reported impact indicates XXE could be exploited via crafted documents, enabling unintended access or disclosure consistent with XXE c...
PT-2020-16023 · Yworks · Yed Desktop
Name of the Vulnerable Software and Affected Versions: yWorks yEd Desktop versions prior to 3.20.1 Description: The issue allows code execution via an XSL Transformation when using an XML file in conjunction with a custom stylesheet. Recommendations: For versions prior to 3.20.1, update to versio...