Weaknesses of type CWE-611
577 resultsCVE-2025-22478HIGHDell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper Restriction of XML External Entity Reference vulnerabEPSS 0.2%CVE-2022-21220HIGHImproper restriction of XML external entity for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user toEPSS 0.2%CVE-2026-33371MEDIUMAn issue was discovered in Zimbra Collaboration (ZCS) 10.0 and 10.1. An XML External Entity (XXE) vulnerability exists in the Zimbra ExchangEPSS 0.2%CVE-2026-56701HIGHGrav - XML External Entity Injection via SVG UploadEPSS 0.2%CVE-2026-8045HIGHCWE-611 Improper Restriction of XML External Entity Reference vulnerability exists that could cause information disclosure of server-side fiEPSS 0.2%CVE-2024-21765MEDIUMElectronic Delivery Check System (Doboku) Ver.18.1.0 and earlier, Electronic Delivery Check System (Dentsu) Ver.12.1.0 and earlier, ElectronEPSS 0.2%CVE-2024-56356MEDIUMIn JetBrains TeamCity before 2024.12 insecure XMLParser configuration could lead to potential XXE attackEPSS 0.2%CVE-2026-6501MEDIUMImproper restriction of XML external entity reference vulnerability in ILM Informatique jOpenDocument allows Data Serialization External EntEPSS 0.2%CVE-2023-42346HIGHAlkacon OpenCms before 16 allows XXE when the <!DOCTYPE> refers to an external host.EPSS 0.2%CVE-2023-49234MEDIUMAn XML external entity (XXE) vulnerability was found in Stilog Visual Planning 8. It allows an authenticated attacker to access local serverEPSS 0.2%CVE-2023-25955MEDIUMNational land numerical information data conversion tool all versions improperly restricts XML external entity references (XXE). By processiEPSS 0.2%CVE-2026-1218MEDIUMBjskzy Zhiyou ERP com.artery.richclient.RichClientService RichClientService.class initRCForm xml external entity referenceEPSS 0.2%CVE-2026-44445MEDIUMERPNext: XML External Entity (XEE) Reference Vulnerability in the EDI ModuleEPSS 0.2%CVE-2026-40991MEDIUMXML External Entity (XXE) injection when documenting untrusted XML contentEPSS 0.2%CVE-2025-52162MEDIUMagorum Software GmbH Agorum core open v11.9.2 & v11.10.1 was discovered to contain an XML External Entity (XXE) via the RSSReader endpoint. EPSS 0.2%CVE-2024-12298MEDIUMVulnerability Report on Improper Restriction of XML External Entity Reference in NB-DesignerEPSS 0.2%CVE-2026-33737MEDIUMChamilo LMS has an XML External Entity (XXE) InjectionEPSS 0.2%CVE-2023-26263MEDIUMAll versions of Talend Data Catalog before 8.0-20230110 are potentially vulnerable to XML External Entity (XXE) attacks in the /MIMBWebServiEPSS 0.2%CVE-2023-3892MEDIUMUnsafe XML parsing of 3rd party DICOM private tags may lead to XXEEPSS 0.2%CVE-2020-14379—A flaw was found in Red Hat AMQ Broker in a way that a XEE attack can be done via Broker's configuration files, leading to denial of serviceEPSS 0.2%