Fallos del tipo CWE-611

573 resultados
CVE-2022-34348HIGHIBM Sterling Partner Engagement Manager 6.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remotEPSS 1.4%CVE-2022-22486CRITICALIBM Tivoli Workload Scheduler XML external entity injectionEPSS 1.4%CVE-2023-27874CRITICALIBM Aspera Faspex XML external entity injectionEPSS 1.3%CVE-2020-15232CRITICALXML External Entity attack in mapfish-printEPSS 1.3%CVE-2021-3869HIGHImproper Restriction of XML External Entity Reference in stanfordnlp/corenlpEPSS 1.3%CVE-2023-24429CRITICALJenkins Semantic Versioning Plugin 1.14 and earlier does not restrict execution of an controller/agent message to agents, and implements no EPSS 1.3%CVE-2019-15983MEDIUMCisco Data Center Network Manager XML External Entity Read Access VulnerabilityEPSS 1.3%CVE-2020-26247LOWXXE in NokogiriEPSS 1.3%CVE-2023-49733Apache Cocoon's StreamGenerator is vulnerable to XXE injectionEPSS 1.3%CVE-2022-38389HIGHIBM Tivoli Workload Scheduler XML external entity injectionEPSS 1.3%CVE-2020-9044HIGHMetasys Improper Restriction of XML External Entity ReferenceEPSS 1.3%CVE-2020-3405MEDIUMCisco SD-WAN vManage Software XML External Entity VulnerabilityEPSS 1.3%CVE-2023-24430CRITICALJenkins Semantic Versioning Plugin 1.14 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.EPSS 1.3%CVE-2016-9487EpubCheck 4.0.1 is vulnerable to external XML entity processing attacksEPSS 1.3%CVE-2023-40507HIGHLG Simple Editor copyContent XML External Entity Processing Information Disclosure VulnerabilityEPSS 1.3%CVE-2023-40503HIGHLG Simple Editor saveXmlFile XML External Entity Processing Information Disclosure VulnerabilityEPSS 1.3%CVE-2023-40506HIGHLG Simple Editor copyContent XML External Entity Processing Information Disclosure VulnerabilityEPSS 1.3%CVE-2021-22140Elastic App Search versions after 7.11.0 and before 7.12.0 contain an XML External Entity Injection issue (XXE) in the App Search web crawleEPSS 1.3%CVE-2023-20855HIGHVMware vRealize Orchestrator contains an XML External Entity (XXE) vulnerability. A malicious actor, with non-administrative access to vRealEPSS 1.3%CVE-2021-40500SAP BusinessObjects Business Intelligence Platform (Crystal Reports) - versions 420, 430, allows an unauthenticated attacker to exploit missEPSS 1.3%