Vulnerabilities > Improper Restriction of XML External Entity Reference ('XXE')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-12 | CVE-2014-3599 | XXE vulnerability in Redhat Hornetq HornetQ REST is vulnerable to XML External Entity due to insecure configuration of RestEasy | 4.3 |
| 2019-11-07 | CVE-2019-12331 | XXE vulnerability in PHPspreadsheet Project PHPspreadsheet PHPOffice PhpSpreadsheet before 1.8.0 has an XXE issue. | 6.8 |
| 2019-10-31 | CVE-2019-18227 | XXE vulnerability in Advantech Wise-Paas/Rmm 3.3.29 Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. | 5.0 |
| 2019-10-29 | CVE-2019-9757 | XXE vulnerability in Labkey Server 19.1.0 An issue was discovered in LabKey Server 19.1.0. | 5.0 |
| 2019-10-28 | CVE-2017-15725 | XXE vulnerability in Devada Dzone Answerhub An XML External Entity Injection vulnerability exists in Dzone AnswerHub. | 5.0 |
| 2019-10-25 | CVE-2019-8087 | XXE vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a xml external entity injection vulnerability. | 5.0 |
| 2019-10-25 | CVE-2019-8086 | XXE vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a xml external entity injection vulnerability. | 5.0 |
| 2019-10-25 | CVE-2019-8082 | XXE vulnerability in Adobe Experience Manager 6.2/6.3/6.4 Adobe Experience Manager versions 6.4, 6.3 and 6.2 have a xml external entity injection vulnerability. | 5.0 |
| 2019-10-23 | CVE-2019-12415 | XXE vulnerability in multiple products In Apache POI up to 4.1.0, when using the tool XSSFExportToXml to convert user-provided Microsoft Excel documents, a specially crafted document can allow an attacker to read files from the local filesystem or from internal network resources via XML External Entity (XXE) Processing. | 5.5 |
| 2019-10-23 | CVE-2019-10466 | XXE vulnerability in Jenkins 360 Fireline An XML external entities (XXE) vulnerability in Jenkins 360 FireLine Plugin allows attackers with Overall/Read access to have Jenkins resolve external entities, resulting in the extraction of secrets from the Jenkins agent, server-side request forgery, or denial-of-service attacks. | 8.1 |