Vulnerabilities > Improper Restriction of XML External Entity Reference ('XXE')

DATE	CVE	VULNERABILITY TITLE	RISK
2019-07-23	CVE-2019-1010202	XXE vulnerability in Jeesite 1.2.7 Jeesite 1.2.7 is affected by: XML External Entity (XXE). network low complexity jeesite CWE-611	4.0
2019-07-18	CVE-2019-7847	XXE vulnerability in Adobe Campaign 18.10.5.8984 Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Improper Restriction of XML External Entity Reference ('XXE') vulnerability. network low complexity adobe linux microsoft CWE-611	5.0
2019-07-18	CVE-2019-1010268	XXE vulnerability in Ladon Project Ladon Ladon since 0.6.1 (since ebef0aae48af78c159b6fce81bc6f5e7e0ddb059) is affected by: XML External Entity (XXE). network low complexity ladon-project CWE-611	7.5
2019-07-17	CVE-2019-13625	XXE vulnerability in NSA Ghidra 9.0 NSA Ghidra before 9.0.1 allows XXE when a project is opened or restored, or a tool is imported, as demonstrated by a project.prp file. network low complexity nsa CWE-611 critical	9.4
2019-07-11	CVE-2018-17152	XXE vulnerability in Intersystems Cache 2017.2.2.865.0/2018.1.2 Intersystems Cache 2017.2.2.865.0 allows XXE. network low complexity intersystems CWE-611	5.5
2019-07-05	CVE-2019-13358	XXE vulnerability in Opencats lib/DocumentToText.php in OpenCats before 0.9.4-3 has XXE that allows remote users to read files on the underlying operating system. network low complexity opencats CWE-611	5.0
2019-07-03	CVE-2015-3907	XXE vulnerability in Codeigniter-Restserver Project Codeigniter-Restserver 2.7.1 CodeIgniter Rest Server (aka codeigniter-restserver) 2.7.1 allows XXE attacks. network low complexity codeigniter-restserver-project CWE-611	7.5
2019-06-28	CVE-2019-13031	XXE vulnerability in multiple products LemonLDAP::NG before 1.9.20 has an XML External Entity (XXE) issue when submitting a notification to the notification server. network lemonldap-ng debian CWE-611	6.8
2019-06-28	CVE-2019-9843	XXE vulnerability in Diffplug Gradle and Maven In DiffPlug Spotless before 1.20.0 (library and Maven plugin) and before 3.20.0 (Gradle plugin), the XML parser would resolve external entities over both HTTP and HTTPS and didn't respect the resolveExternalEntities setting. network high complexity diffplug CWE-611	7.5
2019-06-24	CVE-2018-20843	XXE vulnerability in multiple products In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks). network low complexity libexpat-project canonical debian fedoraproject opensuse oracle tenable CWE-611	7.5