Vulnerabilities > Improper Restriction of XML External Entity Reference ('XXE')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-11-04 | CVE-2024-45086 | XXE vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. | 5.5 |
2024-11-04 | CVE-2024-51136 | XXE vulnerability in Openimaj 1.3.10 An XML External Entity (XXE) vulnerability in Dmoz2CSV in openimaj v1.3.10 allows attackers to access sensitive information or execute arbitrary code via supplying a crafted XML file. | 9.8 |
2024-10-28 | CVE-2024-50442 | XXE vulnerability in Royal-Elementor-Addons Royal Elementor Addons Improper Restriction of XML External Entity Reference vulnerability in WP Royal Royal Elementor Addons allows XML Injection.This issue affects Royal Elementor Addons: from n/a through 1.3.980. | 7.2 |
2024-10-16 | CVE-2024-45072 | XXE vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. | 5.5 |
2024-10-16 | CVE-2024-4184 | XXE vulnerability in Microfocus Application Automation Tools Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below. | 8.0 |
2024-10-16 | CVE-2024-4189 | XXE vulnerability in Microfocus Application Automation Tools Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below. | 8.0 |
2024-10-16 | CVE-2024-4690 | XXE vulnerability in Microfocus Application Automation Tools Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below. | 8.0 |
2024-10-09 | CVE-2024-39586 | XXE vulnerability in Dell EMC Appsync Dell AppSync Server, version 4.3 through 4.6, contains an XML External Entity Injection vulnerability. | 4.3 |
2024-09-23 | CVE-2024-46985 | XXE vulnerability in Dataease DataEase is an open source data visualization analysis tool. | 7.5 |
2024-09-19 | CVE-2024-46984 | XXE vulnerability in Gematik Reference Validator The reference validator is a tool to perform advanced validation of FHIR resources for TI applications and interoperability standards. | 9.8 |