Vulnerabilities > Improper Restriction of XML External Entity Reference ('XXE')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-21 | CVE-2021-40510 | XXE vulnerability in Obdasystems Mastro 1.0 XML eXternal Entity (XXE) in OBDA systems’ Mastro 1.0 allows remote attackers to read system files via custom DTDs. | 5.0 |
| 2022-06-17 | CVE-2021-45024 | XXE vulnerability in Rocketsoftware Ags-Zena 4.2.1 ASG technologies ( A Rocket Software Company) ASG-Zena Cross Platform Server Enterprise Edition 4.2.1 is vulnerable to XML External Entity (XXE). | 7.5 |
| 2022-06-16 | CVE-2021-41411 | XXE vulnerability in Redhat Drools 6.1.0 drools <=7.59.x is affected by an XML External Entity (XXE) vulnerability in KieModuleMarshaller.java. | 7.5 |
| 2022-06-14 | CVE-2022-32285 | XXE vulnerability in Mendix Saml A vulnerability has been identified in Mendix SAML Module (Mendix 7 compatible) (All versions < V1.16.6), Mendix SAML Module (Mendix 8 compatible) (All versions < V2.2.2), Mendix SAML Module (Mendix 9 compatible) (All versions < V3.2.3). | 4.3 |
| 2022-06-14 | CVE-2022-31447 | XXE vulnerability in Magicpin 3.4 An XML external entity (XXE) injection vulnerability in Magicpin v3.4 allows attackers to access sensitive database information via a crafted SVG file. | 5.0 |
| 2022-06-02 | CVE-2021-45981 | XXE vulnerability in Netscout Ngeniusone 6.3.2 NetScout nGeniusONE 6.3.2 allows an XML External Entity (XXE) attack. | 7.5 |
| 2022-05-24 | CVE-2022-22977 | XXE vulnerability in VMWare Tools VMware Tools for Windows(12.0.0, 11.x.y and 10.x.y) contains an XML External Entity (XXE) vulnerability. | 3.6 |
| 2022-05-24 | CVE-2022-31261 | XXE vulnerability in Morpheusdata Morpheus An XXE issue was discovered in Morpheus through 5.2.16 and 5.4.x through 5.4.4. | 4.3 |
| 2022-05-20 | CVE-2022-29801 | XXE vulnerability in Siemens Teamcenter A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter V13.0 (All versions < V13.0.0.9). | 5.0 |
| 2022-05-17 | CVE-2022-30971 | XXE vulnerability in Jenkins Storable Configs 1.0 Jenkins Storable Configs Plugin 1.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | 6.5 |