Vulnerabilities > Improper Restriction of XML External Entity Reference ('XXE')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-15 | CVE-2019-18412 | XXE vulnerability in Jetbrains Idetalk JetBrains IDETalk plugin before version 193.4099.10 allows XXE | 5.0 |
| 2020-01-15 | CVE-2015-8549 | XXE vulnerability in Pyamf XML external entity (XXE) vulnerability in PyAMF before 0.8.0 allows remote attackers to cause a denial of service or read arbitrary files via a crafted Action Message Format (AMF) payload. | 5.8 |
| 2020-01-14 | CVE-2014-5238 | XXE vulnerability in Open-Xchange Appsuite XML external entity (XXE) vulnerability in Open-Xchange (OX) AppSuite before 7.4.2-rev11 and 7.6.x before 7.6.0-rev9 allows remote attackers to read arbitrary files and possibly other unspecified impact via a crafted OpenDocument Text document. | 6.8 |
| 2020-01-14 | CVE-2020-6958 | XXE vulnerability in YET Another Java Service Wrapper Project YET Another Java Service Wrapper 12.14 An XXE vulnerability in JnlpSupport in Yet Another Java Service Wrapper (YAJSW) 12.14, as used in NSA Ghidra and other products, allows attackers to exfiltrate data from remote hosts and potentially cause denial-of-service. | 6.4 |
| 2020-01-06 | CVE-2019-15983 | XXE vulnerability in Cisco Data Center Network Manager A vulnerability in the SOAP API of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system. | 4.0 |
| 2020-01-05 | CVE-2019-20153 | XXE vulnerability in Determine Contract Lifecycle Management 5.4 An issue was discovered in Determine (formerly Selectica) Contract Lifecycle Management (CLM) in v5.4. | 4.0 |
| 2020-01-03 | CVE-2019-3768 | XXE vulnerability in EMC RSA Authentication Manager RSA Authentication Manager versions prior to 8.4 P7 contain an XML Entity Injection Vulnerability. | 6.5 |
| 2019-12-30 | CVE-2019-19032 | XXE vulnerability in Xmlblueprint XMLBlueprint through 16.191112 is affected by XML External Entity Injection. | 5.5 |
| 2019-12-30 | CVE-2019-19031 | XXE vulnerability in Edit-Xml Easy XML Editor 1.7.8 Easy XML Editor through v1.7.8 is affected by: XML External Entity Injection. | 5.5 |
| 2019-12-26 | CVE-2019-19998 | XXE vulnerability in Xiuno Xiunobbs 4.0 Xiuno BBS 4.0 allows XXE via plugin/xn_wechat_public/route/token.php. | 5.0 |