Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-611 (XML外部实体引用的不恰当限制(XXE)) — Vulnerability Class 417

417 vulnerabilities classified as CWE-611 (XML外部实体引用的不恰当限制(XXE)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2015-10082 UIKit0 libplist XML xplist.c plist_from_xml xml external entity reference — libplist 5.5 Medium2023-02-21
CVE-2016-15026 3breadt dd-plist xml external entity reference — dd-plist 5.3 Medium2023-02-20
CVE-2014-125087 java-xmlbuilder xml external entity reference — java-xmlbuilder 5.5 Medium2023-02-19
CVE-2022-39954 Fortinet FortiNAC 代码问题漏洞 — FortiNAC 6.9 High2023-02-16
CVE-2023-20052 ClamAV 安全漏洞 — Cisco Secure Endpoint 5.3 Medium2023-02-16
CVE-2023-23926 Neo4j 代码问题漏洞 — apoc 5.9 Medium2023-02-16
CVE-2023-22832 Apache NiFi: Improper Restriction of XML External Entity References in ExtractCCDAAttributes — Apache NiFi 7.5 -2023-02-10
CVE-2022-38389 IBM Tivoli Workload Scheduler XML external entity injection — Tivoli Workload Scheduler 7.1 High2023-02-02
CVE-2022-22486 IBM Tivoli Workload Scheduler XML external entity injection — Tivoli Workload Scheduler 10.0 Critical2023-02-02
CVE-2021-4311 Talend Open Studio for MDM XML xml external entity reference — Open Studio for MDM 5.5 Medium2023-01-09
CVE-2015-10029 kelvinmo simplexrd simplexrd.class.php xml external entity reference — simplexrd 5.5 Medium2023-01-07
CVE-2016-15011 e-Contract dssp SignResponseVerifier.java checkSignResponse xml external entity reference — dssp 5.5 Medium2023-01-06
CVE-2020-36641 gturri aXMLRPC ResponseParser.java ResponseParser xml external entity reference — aXMLRPC 5.5 Medium2023-01-05
CVE-2020-36640 bonitasoft bonita-connector-webservice SecureWSConnector.java TransformerConfigurationException xml external entity reference — bonita-connector-webservice 5.5 Medium2023-01-05
CVE-2017-20151 iText RUPS XfaFile.java xml external entity reference — RUPS 5.5 Medium2022-12-30
CVE-2021-4295 ONC code-validator-api XML CodeValidatorApiConfiguration.java vocabularyValidationConfigurations xml external entity reference — code-validator-api 5.5 Medium2022-12-29
CVE-2022-4818 Talend Open Studio for MDM SystemStorageWrapper.java xml external entity reference — Open Studio for MDM 5.5 Medium2022-12-28
CVE-2022-41967 Improper Restriction of XML External Entity Reference in Dragonfly — Dragonfly 7.0 High2022-12-27
CVE-2022-4607 3D City Database OGC Web Feature Service xml external entity reference — OGC Web Feature Service 5.5 Medium2022-12-18
CVE-2022-46827 JetBrains IntelliJ IDEA 代码问题漏洞 — IntelliJ IDEA 3.9 Low2022-12-08
CVE-2022-20938 Cisco Firepower Management Center 代码问题漏洞 — Cisco Firepower Management Center 4.3 Medium2022-11-10
CVE-2022-43570 XML External Entity Injection through a custom View in Splunk Enterprise — Splunk Enterprise 8.8 High2022-11-04
CVE-2022-3340 Trellix IPS Manager vulnerable to XXE — Trellix IPS Manager 5.9 Medium2022-11-04
CVE-2022-3338 XXE in Trellix ePO server — Trellix ePolicy Orchestrator (ePO) 5.4 Medium2022-10-18
CVE-2022-42341 Adobe ColdFusion Improper Restriction of XML External Entity Reference Arbitrary file system read — ColdFusion 7.5 High2022-10-14
CVE-2022-38419 Adobe ColdFusion Solr Service XML External Entity Processing Arbitrary file system read — ColdFusion 7.5 High2022-10-14
CVE-2022-40705 Apache SOAP: XML External Entity Injection (XXE) allows unauthenticated users to read arbitrary files via HTTP — Apache SOAP 7.5 -2022-09-22
CVE-2022-1700 Forcepoint Data Loss Prevention 代码问题漏洞 — Data Loss Prevention (DLP) 7.5 High2022-09-12
CVE-2022-39135 Apache Calcite: potential XEE attacks — Apache Calcite 9.8 -2022-09-11
CVE-2022-2759 Delta Electronics Delta Robot Automation Studio 代码问题漏洞 — Delta Robot Automation Studio (DRAS) 5.5 Medium2022-08-31

Vulnerabilities classified as CWE-611 (XML外部实体引用的不恰当限制(XXE)) represent 417 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.