Vulnerabilities > Improper Restriction of XML External Entity Reference ('XXE')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-18 | CVE-2020-14029 | XXE vulnerability in Ozeki NG SMS Gateway An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. | 7.5 |
| 2020-09-18 | CVE-2020-25750 | XXE vulnerability in Dotplant Dotplant2 An issue was discovered in DotPlant2 before 2020-09-14. | 7.5 |
| 2020-09-17 | CVE-2020-25215 | XXE vulnerability in Yworks YED yWorks yEd Desktop before 3.20.1 allows XXE attacks via an XML or GraphML document. | 9.8 |
| 2020-09-11 | CVE-2020-11991 | XXE vulnerability in Apache Cocoon When using the StreamGenerator, the code parse a user-provided XML. | 7.5 |
| 2020-09-11 | CVE-2020-25257 | XXE vulnerability in Hyland Onbase An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. | 9.8 |
| 2020-09-09 | CVE-2020-24379 | XXE vulnerability in multiple products WebDAV implementation in Yaws web server versions 1.81 to 2.0.7 is vulnerable to XXE injection. | 9.8 |
| 2020-09-01 | CVE-2020-2247 | XXE vulnerability in Jenkins Klocwork Analysis Jenkins Klocwork Analysis Plugin 2020.2.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | 6.5 |
| 2020-09-01 | CVE-2020-2245 | XXE vulnerability in Jenkins Valgrind Jenkins Valgrind Plugin 0.28 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | 7.1 |
| 2020-08-29 | CVE-2020-25020 | XXE vulnerability in multiple products MPXJ through 8.1.3 allows XXE attacks. | 9.8 |
| 2020-08-26 | CVE-2020-17376 | XXE vulnerability in Openstack Nova An issue was discovered in Guest.migrate in virt/libvirt/guest.py in OpenStack Nova before 19.3.1, 20.x before 20.3.1, and 21.0.0. | 8.3 |