VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Improper Restriction of XML External Entity Reference ('XXE')
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-05-13
CVE-2024-51445
A vulnerability has been identified in Polarion V2310 (All versions), Polarion V2404 (All versions < V2404.4).
network
low complexity
CWE-611
6.5
6.5
2025-05-13
CVE-2025-30018
The Live Auction Cockpit in SAP Supplier Relationship Management (SRM) allows an unauthenticated attacker to submit an application servlet request with a crafted XML file which when parsed, enables the attacker to access sensitive files and data.
network
low complexity
CWE-611
8.6
8.6
2025-05-06
CVE-2025-22478
XXE vulnerability in Dell Storage Manager 16.3.20/2016/2020
Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper Restriction of XML External Entity Reference vulnerability.
low complexity
dell
CWE-611
8.1
8.1
2025-04-28
CVE-2025-34490
XXE vulnerability in GFI Mailessentials
GFI MailEssentials prior to version 21.8 is vulnerable to an XML External Entity (XXE) issue.
network
low complexity
gfi
CWE-611
6.5
6.5
2025-04-04
CVE-2025-3241
A vulnerability, which was classified as problematic, was found in zhangyanbo2007 youkefu up to 4.2.0.
network
low complexity
CWE-611
6.3
6.3
2025-03-17
CVE-2025-2365
A vulnerability, which was classified as problematic, has been found in crmeb_java up to 1.3.4.
network
low complexity
CWE-611
6.3
6.3
2025-03-07
CVE-2025-0162
XXE vulnerability in IBM Aspera Shares 1.10.0/1.9.14/1.9.15
IBM Aspera Shares 1.9.9 through 1.10.0 PL7 is vulnerable to an XML external entity injection (XXE) attack when processing XML data.
network
low complexity
ibm
CWE-611
7.1
7.1
2025-02-20
CVE-2024-49781
XXE vulnerability in IBM Openpages With Watson 9.0
IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages is vulnerable to an XML external entity injection (XXE) attack when processing XML data.
network
low complexity
ibm
CWE-611
7.1
7.1
2025-02-19
CVE-2023-47160
IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data.
network
low complexity
CWE-611
8.2
8.2
2025-02-12
CVE-2025-1225
A vulnerability, which was classified as problematic, has been found in ywoa up to 2024.07.03.
network
low complexity
CWE-611
6.3
6.3
«
1
(current)
2
3
4
5
...
91
92
»
Next