Vulnerabilities > Improper Restriction of XML External Entity Reference ('XXE')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-16 | CVE-2024-45072 | XXE vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. | 5.5 |
| 2024-10-16 | CVE-2024-4184 | XXE vulnerability in Microfocus Application Automation Tools Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below. | 8.0 |
| 2024-10-16 | CVE-2024-4189 | XXE vulnerability in Microfocus Application Automation Tools Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below. | 8.0 |
| 2024-10-16 | CVE-2024-4690 | XXE vulnerability in Microfocus Application Automation Tools Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below. | 8.0 |
| 2024-10-09 | CVE-2024-39586 | XXE vulnerability in Dell EMC Appsync Dell AppSync Server, version 4.3 through 4.6, contains an XML External Entity Injection vulnerability. | 4.3 |
| 2024-10-07 | CVE-2024-45293 | XXE vulnerability in PHPoffice PHPspreadsheet PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. | 7.5 |
| 2024-09-23 | CVE-2024-46985 | XXE vulnerability in Dataease DataEase is an open source data visualization analysis tool. | 7.5 |
| 2024-09-19 | CVE-2024-46984 | XXE vulnerability in Gematik Reference Validator The reference validator is a tool to perform advanced validation of FHIR resources for TI applications and interoperability standards. | 9.8 |
| 2024-09-16 | CVE-2024-7098 | XXE vulnerability in SFS Winsure Improper Restriction of XML External Entity Reference vulnerability in SFS Consulting ww.Winsure allows XML Injection.This issue affects ww.Winsure: before 4.6.2. | 9.8 |
| 2024-09-10 | CVE-2023-37233 | XXE vulnerability in Loftware Spectrum Loftware Spectrum before 4.6 HF14 allows authenticated XXE attacks. | 8.8 |