Vulnerabilities > Improper Restriction of XML External Entity Reference ('XXE')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-12 | CVE-2023-37942 | XXE vulnerability in Jenkins External Monitor JOB Type Jenkins External Monitor Job Type Plugin 206.v9a_94ff0b_4a_10 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | 6.5 |
| 2023-07-05 | CVE-2023-35786 | XXE vulnerability in Zohocorp Manageengine Admanager Plus Zoho ManageEngine ADManager Plus before 7183 allows admin users to exploit an XXE issue to view files. | 4.9 |
| 2023-06-29 | CVE-2020-26708 | XXE vulnerability in Requests-Xml Project Requests-Xml 0.2.3 requests-xml v0.2.3 was discovered to contain an XML External Entity Injection (XXE) vulnerability which allows attackers to execute arbitrary code via a crafted XML file. | 7.5 |
| 2023-06-29 | CVE-2020-26709 | XXE vulnerability in Py-Xml Project Py-Xml 1.0 py-xml v1.0 was discovered to contain an XML External Entity Injection (XXE) vulnerability which allows attackers to execute arbitrary code via a crafted XML file. | 7.5 |
| 2023-06-29 | CVE-2020-26710 | XXE vulnerability in Easy-Parse Project Easy-Parse 0.1.1 easy-parse v0.1.1 was discovered to contain a XML External Entity Injection (XXE) vulnerability which allows attackers to execute arbitrary code via a crafted XML file. | 7.5 |
| 2023-06-26 | CVE-2023-3113 | XXE vulnerability in Lenovo Xclarity Administrator An unauthenticated XML external entity injection (XXE) vulnerability exists in LXCA's Common Information Model (CIM) server that could result in read-only access to specific files. | 7.5 |
| 2023-06-15 | CVE-2023-3276 | XXE vulnerability in Dromara Hutool A vulnerability, which was classified as problematic, has been found in Dromara HuTool up to 5.8.19. | 7.5 |
| 2023-06-13 | CVE-2023-24470 | XXE vulnerability in Microfocus Arcsight Logger Potential XML External Entity Injection in ArcSight Logger versions prior to 7.3.0. | 9.1 |
| 2023-06-13 | CVE-2023-29498 | XXE vulnerability in Fujielectric Frenic RHC Loader 1.1.0.3 Improper restriction of XML external entity reference (XXE) vulnerability exists in FRENIC RHC Loader v1.1.0.3 and earlier. | 5.5 |
| 2023-06-05 | CVE-2023-34411 | XXE vulnerability in XML Library Project XML Library The xml-rs crate before 0.8.14 for Rust and Crab allows a denial of service (panic) via an invalid <! token (such as <!DOCTYPEs/%<!A nesting) in an XML document. | 7.5 |