Vulnerabilities > Improper Restriction of XML External Entity Reference ('XXE')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-17 | CVE-2023-22274 | XXE vulnerability in Adobe Robohelp Server Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could lead to information disclosure by an unauthenticated attacker. | 7.5 |
| 2023-11-14 | CVE-2023-46590 | XXE vulnerability in Siemens OPC UA Modeling Editor A vulnerability has been identified in Siemens OPC UA Modelling Editor (SiOME) (All versions < V2.8). | 7.5 |
| 2023-11-09 | CVE-2023-4218 | XXE vulnerability in Eclipse IDE In Eclipse IDE versions < 2023-09 (4.29) some files with xml content are parsed vulnerable against all sorts of XXE attacks. | 5.0 |
| 2023-11-06 | CVE-2023-46802 | XXE vulnerability in NTA E-Tax 1.17.1 e-Tax software Version3.0.10 and earlier improperly restricts XML external entity references (XXE) due to the configuration of the embedded XML parser. | 5.5 |
| 2023-10-30 | CVE-2023-46502 | XXE vulnerability in Opencrx 5.2.2 An issue in openCRX v.5.2.2 allows a remote attacker to read internal files and execute server side request forgery attack via insecure DocumentBuilderFactory. | 9.8 |
| 2023-10-27 | CVE-2022-34832 | XXE vulnerability in Vermeg Agile Reporter 21.3 An issue was discovered in VERMEG AgileReporter 21.3. | 6.5 |
| 2023-10-23 | CVE-2023-43067 | XXE vulnerability in Dell products Dell Unity prior to 5.3 contains an XML External Entity injection vulnerability. | 6.5 |
| 2023-10-23 | CVE-2023-43624 | XXE vulnerability in Omrom Cx-Designer CX-Designer Ver.3.740 and earlier (included in CX-One CXONE-AL[][]D-V4) contains an improper restriction of XML external entity reference (XXE) vulnerability. | 5.5 |
| 2023-10-18 | CVE-2023-45727 | XXE vulnerability in Northgrid Proself Proself Enterprise/Standard Edition Ver5.62 and earlier, Proself Gateway Edition Ver1.65 and earlier, and Proself Mail Sanitize Edition Ver1.08 and earlier allow a remote unauthenticated attacker to conduct XML External Entity (XXE) attacks. | 7.5 |
| 2023-10-14 | CVE-2022-32755 | XXE vulnerability in IBM products IBM Security Directory Server 6.4.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. | 9.1 |