Vulnerabilities > Improper Restriction of XML External Entity Reference ('XXE')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-06 | CVE-2019-15983 | XXE vulnerability in Cisco Data Center Network Manager A vulnerability in the SOAP API of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system. | 4.9 |
| 2020-01-05 | CVE-2019-20153 | XXE vulnerability in Determine Contract Lifecycle Management 5.4 An issue was discovered in Determine (formerly Selectica) Contract Lifecycle Management (CLM) in v5.4. | 4.9 |
| 2020-01-03 | CVE-2019-3768 | XXE vulnerability in EMC RSA Authentication Manager RSA Authentication Manager versions prior to 8.4 P7 contain an XML Entity Injection Vulnerability. | 6.5 |
| 2019-12-30 | CVE-2019-19032 | XXE vulnerability in Xmlblueprint XMLBlueprint through 16.191112 is affected by XML External Entity Injection. | 8.1 |
| 2019-12-30 | CVE-2019-19031 | XXE vulnerability in Edit-Xml Easy XML Editor 1.7.8 Easy XML Editor through v1.7.8 is affected by: XML External Entity Injection. | 8.1 |
| 2019-12-26 | CVE-2019-19998 | XXE vulnerability in Xiuno Xiunobbs 4.0 Xiuno BBS 4.0 allows XXE via plugin/xn_wechat_public/route/token.php. | 7.5 |
| 2019-12-18 | CVE-2012-2656 | XXE vulnerability in Talend Restlet 1.1.10 An XML eXternal Entity (XXE) issue exists in Restlet 1.1.10 in an endpoint using XML transport, which lets a remote attacker obtain sensitive information. | 7.5 |
| 2019-12-17 | CVE-2019-16549 | XXE vulnerability in Jenkins Maven 0.14.0/0.16.1 Jenkins Maven Release Plugin 0.16.1 and earlier does not configure the XML parser to prevent XML external entity (XXE) attacks, allowing man-in-the-middle attackers to have Jenkins parse crafted XML documents. | 8.1 |
| 2019-12-15 | CVE-2014-3643 | XXE vulnerability in Jersey Project Jersey jersey: XXE via parameter entities not disabled by the jersey SAX parser | 7.5 |
| 2019-12-10 | CVE-2019-19702 | XXE vulnerability in Modoboa Modoboa-Dmarc 1.1.0 The modoboa-dmarc plugin 1.1.0 for Modoboa is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. | 7.5 |