Vulnerabilities > Improper Restriction of XML External Entity Reference ('XXE')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-02-12 | CVE-2020-2120 | XXE vulnerability in Jenkins Fitnesse Jenkins FitNesse Plugin 1.30 and earlier does not configure the XML parser to prevent XML external entity (XXE) attacks. | 8.8 |
2020-02-12 | CVE-2020-2115 | XXE vulnerability in Jenkins Nunit Jenkins NUnit Plugin 0.25 and earlier does not configure the XML parser to prevent XML external entity (XXE) attacks. | 8.8 |
2020-02-11 | CVE-2014-2052 | XXE vulnerability in Owncloud Zend Framework, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack. | 9.8 |
2020-02-07 | CVE-2013-4334 | XXE vulnerability in Tejimaya Opwebapiplugin 0.1.0/0.4.0/0.5.1 opWebAPIPlugin 0.5.1, 0.4.0, and 0.1.0: XXE Vulnerabilities | 9.8 |
2020-01-30 | CVE-2019-10782 | XXE vulnerability in Checkstyle All versions of com.puppycrawl.tools:checkstyle before 8.29 are vulnerable to XML External Entity (XXE) Injection due to an incomplete fix for CVE-2019-9658. | 5.3 |
2020-01-29 | CVE-2020-2108 | XXE vulnerability in Jenkins Websphere Deployer Jenkins WebSphere Deployer Plugin 1.6.1 and earlier does not configure the XML parser to prevent XXE attacks which can be exploited by a user with Job/Configure permissions. | 7.6 |
2020-01-28 | CVE-2019-4707 | XXE vulnerability in IBM Security Access Manager 9.0.7.0 IBM Security Access Manager Appliance 9.0.7.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. | 7.1 |
2020-01-24 | CVE-2013-4333 | XXE vulnerability in Tejimaya Openpne OpenPNE 3 versions 3.8.7, 3.6.11, 3.4.21.1, 3.2.7.6, 3.0.8.5 has an External Entity Injection Vulnerability | 9.1 |
2020-01-15 | CVE-2015-1811 | XXE vulnerability in Jenkins Cloudbees 1.596.1 XML external entity (XXE) vulnerability in CloudBees Jenkins before 1.600 and LTS before 1.596.1 allows remote attackers to read arbitrary XML files via a crafted XML document. | 7.5 |
2020-01-15 | CVE-2015-1809 | XXE vulnerability in Jenkins Cloudbees 1.596.1 XML external entity (XXE) vulnerability in CloudBees Jenkins before 1.600 and LTS before 1.596.1 allows remote attackers to read arbitrary XML files via an XPath query. | 7.5 |