Vulnerabilities > Improper Restriction of XML External Entity Reference ('XXE')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-07 | CVE-2018-14383 | XXE vulnerability in Ttpsc the Scheduler 5.1.3 The Transition Technologies "The Scheduler" app 5.1.3 for Jira allows XXE due to a weakly configured/parameterized XML parser. | 7.5 |
| 2019-08-02 | CVE-2017-18438 | XXE vulnerability in Cpanel cPanel before 64.0.21 allows demo accounts to execute code via Encoding API calls (SEC-242). | 6.3 |
| 2019-07-30 | CVE-2019-4456 | XXE vulnerability in IBM Daeja Viewone IBM Daeja ViewONE Professional, Standard & Virtual 5.0.5 and 5.0.6 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. | 7.1 |
| 2019-07-30 | CVE-2019-4062 | XXE vulnerability in IBM I2 Intelligent Analysis Platform IBM i2 Intelligent Analyis Platform 9.0.0 through 9.1.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. | 7.1 |
| 2019-07-26 | CVE-2019-10266 | XXE vulnerability in Ahsay Cloud Backup Suite An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. | 7.5 |
| 2019-07-26 | CVE-2019-10264 | XXE vulnerability in Ahsay Cloud Backup Suite An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. | 7.2 |
| 2019-07-26 | CVE-2019-13990 | XXE vulnerability in multiple products initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description. | 9.8 |
| 2019-07-26 | CVE-2019-10976 | XXE vulnerability in Mitsubishielectric Electric FR Configurator2 Firmware Mitsubishi Electric FR Configurator2, Version 1.16S and prior. | 5.5 |
| 2019-07-23 | CVE-2019-2861 | XXE vulnerability in Oracle Hyperion Planning 11.1.2.4 Vulnerability in the Oracle Hyperion Planning component of Oracle Hyperion (subcomponent: Security). | 4.2 |
| 2019-07-23 | CVE-2019-1010202 | XXE vulnerability in Jeesite 1.2.7 Jeesite 1.2.7 is affected by: XML External Entity (XXE). | 6.5 |