Vulnerabilities > Improper Restriction of XML External Entity Reference ('XXE')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-20 | CVE-2022-0219 | XXE vulnerability in Jadx Project Jadx Improper Restriction of XML External Entity Reference in GitHub repository skylot/jadx prior to 1.3.2. | 4.3 |
| 2022-01-17 | CVE-2022-0239 | XXE vulnerability in Stanford Corenlp corenlp is vulnerable to Improper Restriction of XML External Entity Reference | 7.5 |
| 2022-01-13 | CVE-2021-40722 | XXE vulnerability in Adobe Experience Manager AEM Forms Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by an XML External Entity (XXE) injection vulnerability that could be abused by an attacker to achieve RCE. | 7.5 |
| 2022-01-13 | CVE-2022-0198 | XXE vulnerability in Stanford Corenlp corenlp is vulnerable to Improper Restriction of XML External Entity Reference | 5.8 |
| 2022-01-12 | CVE-2021-42560 | XXE vulnerability in Mitre Caldera 2.9.0 An issue was discovered in CALDERA 2.9.0. | 6.5 |
| 2021-12-22 | CVE-2021-44028 | XXE vulnerability in Quest Kace Desktop Authority XXE can occur in Quest KACE Desktop Authority before 11.2 because the log4net configuration file might be controlled by an attacker, a related issue to CVE-2018-1285. | 4.3 |
| 2021-12-16 | CVE-2021-45096 | XXE vulnerability in Knime Analytics Platform KNIME Analytics Platform before 4.5.0 is vulnerable to XXE (external XML entity injection) via a crafted workflow file (.knwf), aka AP-17730. | 4.3 |
| 2021-12-14 | CVE-2021-3836 | XXE vulnerability in Dbeaver dbeaver is vulnerable to Improper Restriction of XML External Entity Reference | 4.3 |
| 2021-12-10 | CVE-2021-23463 | XXE vulnerability in H2Database H2 1.4.198/1.4.199/1.4.200 The package com.h2database:h2 from 1.4.198 and before 2.0.202 are vulnerable to XML External Entity (XXE) Injection via the org.h2.jdbc.JdbcSQLXML class object, when it receives parsed string data from org.h2.jdbc.JdbcResultSet.getSQLXML() method. | 9.1 |
| 2021-12-08 | CVE-2021-44556 | XXE vulnerability in KB Digger National Library of the Netherlands digger < 6697d1269d981e35e11f240725b16401b5ce3db5 is affected by a XML External Entity (XXE) vulnerability. | 6.4 |