Vulnerabilities of type CWE-611

576 results
CVE-2024-3930 | MEDIUM | XML External Entity in Akana | EPSS 0.3%
CVE-2026-1567 | HIGH | IBM InfoSphere Information Server is affected by an XML external entity injection (XXE) vulnerability | EPSS 0.3%
CVE-2023-6194 | LOW | In Eclipse Memory Analyzer versions 0.7 to 1.14.0, report definition XML files are not filtered to prohibit document type definition (DTD) r | EPSS 0.3%
CVE-2026-46722 | MEDIUM | XML External Entity Injection in extension "Faceted Search" (ke_search) | EPSS 0.3%
CVE-2026-38429 | CRITICAL | OpenCMS v20 and before is vulnerable to XML External Entity (XXE) in the Admin Import DB feature due to insecure XML parsing of user supplie | EPSS 0.3%
CVE-2022-41221 | HIGH | The client in OpenText Archive Center Administration through 21.2 allows XXE attacks. Authenticated users of the OpenText Archive Center Adm | EPSS 0.3%
CVE-2025-66371 | MEDIUM | Peppol-py before 1.1.1 allows XXE attacks because of the Saxon configuration. When validating XML-based invoices, the XML parser could read | EPSS 0.3%
CVE-2026-21569 | HIGH | This High severity XXE (XML External Entity Injection) vulnerability was introduced in version 7.1.0 of Crowd Data Center and Server. Th | EPSS 0.3%
CVE-2025-46425 | MEDIUM | Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper Restriction of XML External Entity Reference vulnerab | EPSS 0.3%
CVE-2025-36247 | HIGH | IBM Db2 XML External Entity Reference | EPSS 0.3%
CVE-2026-33913 | HIGH | OpenEMR: XInclude Injection in CCDA Import Allows Reading Arbitrary Server Files | EPSS 0.3%
CVE-2026-2536 | MEDIUM | opencc JFlow Workflow WF_Admin_AttrFlow.java Imp_Done xml external entity reference | EPSS 0.3%
CVE-2025-68463 | MEDIUM | Bio.Entrez in Biopython through 186 allows doctype XXE. | EPSS 0.3%
CVE-2026-6653 | HIGH | libxml2: Use after free in xmlParseInternalSubset via improper entity resolution handling | EPSS 0.3%
CVE-2025-15251 | MEDIUM | beecue FastBee SIP Message ReqAbstractHandler.java getRootElement xml external entity reference | EPSS 0.3%
CVE-2025-58175 | MEDIUM | GeoServer has a Server-Side Request Forgery (SSRF) Vulnerability in its XML Entity Resolution | EPSS 0.3%
CVE-2025-66370 | MEDIUM | Kivitendo before 3.9.2 allows XXE injection. By uploading an electronic invoice in the ZUGFeRD format, it is possible to read and exfiltrate | EPSS 0.3%
CVE-2025-35112 | MEDIUM | Agiloft XML external entity local path traversal | EPSS 0.3%
CVE-2026-44020 | HIGH | Docling: Unsafe XML Entity Expansion in USPTO Patent Backend | EPSS 0.3%
CVE-2026-28809 | MEDIUM | XXE in esaml SAML library allows local file read and potential SSRF | EPSS 0.3%