Vulnerabilities > Improper Restriction of XML External Entity Reference ('XXE')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-30 | CVE-2024-3930 | XXE vulnerability in Perforce Akana API In versions of Akana API Platform prior to 2024.1.0 a flaw resulting in XML External Entity (XXE) was discovered. | 9.8 |
| 2024-06-07 | CVE-2024-36827 | XXE vulnerability in Dnkorpushov Ebookmeta An XML External Entity (XXE) vulnerability in the ebookmeta.get_metadata function of ebookmeta before v1.2.8 allows attackers to access sensitive information or cause a Denial of Service (DoS) via crafted XML input. | 7.5 |
| 2024-06-07 | CVE-2024-37388 | XXE vulnerability in Dnkorpushov Ebookmeta An XML External Entity (XXE) vulnerability in the ebookmeta.get_metadata function of lxml before v4.9.1 allows attackers to access sensitive information or cause a Denial of Service (DoS) via crafted XML input. | 9.1 |
| 2024-05-28 | CVE-2024-3969 | XXE vulnerability in Microfocus Imanager XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. | 9.8 |
| 2024-05-15 | CVE-2024-3486 | XXE vulnerability in Microfocus Imanager XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. | 9.8 |
| 2024-05-15 | CVE-2024-4357 | XXE vulnerability in Progress Telerik Reporting An information disclosure vulnerability exists in Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, allows low-privilege attacker to read systems file via XML External Entity Processing. | 6.5 |
| 2024-05-03 | CVE-2023-39472 | XXE vulnerability in Inductiveautomation Ignition Inductive Automation Ignition SimpleXMLReader XML External Entity Processing Information Disclosure Vulnerability. | 6.5 |
| 2024-03-28 | CVE-2024-31139 | XXE vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.03 xXE was possible in the Maven build steps detector | 8.1 |
| 2024-03-14 | CVE-2023-50168 | XXE vulnerability in Pega Platform Pega Platform from 6.x to 8.8.4 is affected by an XXE issue with PDF Generation. | 7.7 |
| 2024-03-11 | CVE-2024-28198 | XXE vulnerability in Frentix Openolat OpenOlat is an open source web-based e-learning platform for teaching, learning, assessment and communication. | 7.5 |