Fallos del tipo CWE-611

573 resultados
CVE-2023-42344HIGHAlkacon OpenCms before 10.5.1 allows remote unauthenticated attackers to obtain sensitive information via a cmis-online/query XXE attack on EPSS 2.2%CVE-2021-34436In Eclipse Theia 0.1.1 to 0.2.0, it is possible to exploit the default build to obtain remote code execution (and XXE) via the theia-xml-extEPSS 2.2%CVE-2021-29620HIGHXXE vulnerability on Launch import with externally-defined DTD fileEPSS 2.2%CVE-2018-12544In version from 3.5.Beta1 to 3.5.3 of Eclipse Vert.x, the OpenAPI XML type validator creates XML parsers without taking appropriate defense EPSS 2.2%CVE-2019-1903MEDIUMCisco Security Manager XML Entity Expansion VulnerabilityEPSS 2.2%CVE-2022-1018MEDIUMICSA-22-088-01 Rockwell Automation ISaGRAFEPSS 2.1%CVE-2018-15444MEDIUMCisco Energy Management Suite XML External Entity VulnerabilityEPSS 2.0%CVE-2020-2012HIGHPAN-OS: Panorama: XML external entity reference ('XXE') vulnerability leads the to information leakEPSS 1.9%CVE-2017-7464HIGHIt was found that the JAXP implementation used in JBoss EAP 7.0 for SAX and DOM parsing is vulnerable to certain XXE flaws. An attacker coulEPSS 1.9%CVE-2024-55875CRITICALhttp4k has a potential XXE (XML External Entity Injection) vulnerabilityEPSS 1.9%CVE-2018-0108A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to collect customer files via an out-of-band EPSS 1.9%CVE-2022-39135Apache Calcite: potential XEE attacksEPSS 1.9%CVE-2024-51132CRITICALAn XML External Entity (XXE) vulnerability in HAPI FHIR before v6.4.0 allows attackers to access sensitive information or execute arbitrary EPSS 1.9%CVE-2022-46751HIGHApache Ivy: XML External Entity vulnerability in Apache IvyEPSS 1.8%CVE-2021-3878CRITICALImproper Restriction of XML External Entity Reference in stanfordnlp/corenlpEPSS 1.8%CVE-2018-0414Cisco Secure Access Control Server XML External Entity Injection VulnerabilityEPSS 1.8%CVE-2019-10244In Eclipse Kura versions up to 4.0.0, the Web UI package and component services, the Artemis simple Mqtt component and the emulator positionEPSS 1.8%CVE-2020-7572A CWE-611 Improper Restriction of XML External Entity Reference vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.EPSS 1.8%CVE-2022-45468MEDIUMCVE-2022-45468EPSS 1.8%CVE-2021-27492When opening a specially crafted 3DXML file, the application containing Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dReaEPSS 1.7%