Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-611 (XML外部实体引用的不恰当限制(XXE)) — Vulnerability Class 417

417 vulnerabilities classified as CWE-611 (XML外部实体引用的不恰当限制(XXE)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-35112 Agiloft XML external entity local path traversal — Agiloft 4.1 Medium2025-08-26
CVE-2025-57704 EIP Builder XML External Entity Processing Information Disclosure Vulnerability — EIP Builder 5.5 Medium2025-08-26
CVE-2025-54988 Apache Tika PDF parser module: XXE vulnerability in PDFParser's handling of XFA — Apache Tika PDF parser module 8.4 High2025-08-20
CVE-2025-4044 XML External Entity Injection vulnerability in various Lexmark Universal Drivers — Universal Print Driver 8.2 High2025-08-19
CVE-2025-26484 Dell CloudLink 代码问题漏洞 — CloudLink 5.5 Medium2025-08-14
CVE-2025-40584 Siemens多款产品 代码问题漏洞 — SIMOTION SCOUT TIA V5.4 5.5 Medium2025-08-12
CVE-2025-54992 OpenKilda XXE in SAML configuration — open-kilda 7.5AIHighAI2025-08-11
CVE-2025-8355 XXE leading to SSRF — FreeFlow Core 7.5 High2025-08-08
CVE-2025-54254 Adobe Experience Manager | Improper Restriction of XML External Entity Reference ('XXE') (CWE-611) — Adobe Experience Manager 8.6 High2025-08-05
CVE-2025-36608 Dell SmartFabric OS10 Software 代码问题漏洞 — SmartFabric OS10 Software 6.5 Medium2025-07-30
CVE-2025-26400 SolarWinds Web Help Desk XML External Entity Injection (XXE) Vulnerability — Web Help Desk 5.3 Medium2025-07-29
CVE-2025-54445 SAMSUNG MagicINFO 9 Server 安全漏洞 — MagicINFO 9 Server 8.2 High2025-07-23
CVE-2025-7766 Lantronix Provisioning Manager Improper Restriction of XML External Entity Reference — Provisioning Manager 8.0 High2025-07-22
CVE-2025-34142 ETQ Reliance CG < SE.2025.1 / < 2025.1.2 XXE Injection in SSO SAML Handler — Reliance CG (legacy) 9.1 -2025-07-22
CVE-2025-36603 Dell AppSync 代码问题漏洞 — AppSync 4.2 Medium2025-07-21
CVE-2025-7824 Jinher OA XmlHttp.aspx xml external entity reference — OA 7.3 High2025-07-19
CVE-2025-7823 Jinher OA ProjectScheduleDelete.aspx xml external entity reference — OA 7.3 High2025-07-19
CVE-2025-53621 DSpace vulnerable to XML External Entity (XXE) injection in import via Simple Archive Format (SAF) or import from external sources — DSpace 6.9 Medium2025-07-15
CVE-2025-53689 Apache Jackrabbit: XXE vulnerability in jackrabbit-spi-commons — Apache Jackrabbit 9.8 -2025-07-14
CVE-2025-7523 Jinher OA DelTemp.aspx xml external entity reference — OA 7.3 High2025-07-13
CVE-2025-6438 Schneider Electric EcoStruxure IT Data Center Expert 代码问题漏洞 — EcoStruxure™ IT Data Center Expert 8.1AIHighAI2025-07-11
CVE-2025-49535 ColdFusion | Improper Restriction of XML External Entity Reference ('XXE') (CWE-611) — ColdFusion 9.3 Critical2025-07-08
CVE-2025-49539 ColdFusion | Improper Restriction of XML External Entity Reference ('XXE') (CWE-611) — ColdFusion 4.5 Medium2025-07-08
CVE-2025-49544 ColdFusion | Improper Restriction of XML External Entity Reference ('XXE') (CWE-611) — ColdFusion 6.8 Medium2025-07-08
CVE-2025-49493 Akamai CloudTest 代码问题漏洞 — CloudTest 5.8 Medium2025-06-30
CVE-2025-52888 Allure 2's xunit-xml-plugin Vulnerable to Improper XXE Restriction — allure2 7.5 High2025-06-24
CVE-2025-47293 PowSyBl Core XML Reader allows XXE and SSRF — powsybl-core 6.5AIMediumAI2025-06-19
CVE-2025-33121 IBM QRadar SIEM XML external entity injection — QRadar SIEM 7.1 High2025-06-19
CVE-2025-36049 IBM webMethods Integration Sever XML external entity injection — webMethods Integration Server 8.8 High2025-06-18
CVE-2025-30220 GeoTools, GeoServer, and GeoNetwork XML External Entity (XXE) Processing Vulnerability in XSD schema handling — geoserver 9.9 Critical2025-06-10

Vulnerabilities classified as CWE-611 (XML外部实体引用的不恰当限制(XXE)) represent 417 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.