Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-611 (XML外部实体引用的不恰当限制(XXE)) — Vulnerability Class 417

417 vulnerabilities classified as CWE-611 (XML外部实体引用的不恰当限制(XXE)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-6961 XXE in Guardrails AI when consuming RAIL documents 5.9 Medium2024-07-21
CVE-2024-5625 XML External Entity Injection in PruvaSoft Informatics' Apinizer Management Console — Apinizer Management Console 6.5 Medium2024-07-18
CVE-2023-50304 IBM Engineering Requirements Management DOORS XML external entity injection — Engineering Requirements Management DOORS 7.1 High2024-07-18
CVE-2024-38374 Improper Restriction of XML External Entity Reference in org.cyclonedx:cyclonedx-core-java — cyclonedx-core-java 7.5 High2024-06-28
CVE-2023-49110 XML External Entity Injection in Kiuwan SAST — SAST 8.1 -2024-06-20
CVE-2024-34102 XXE can expose crypt key and other secrets granting full admin access — Adobe Commerce 9.8 Critical2024-06-13
CVE-2023-45192 IBM Engineering Requirements Management DOORS Next XML external entity injection — Engineering Requirements Management DOORS Next 8.2 High2024-06-06
CVE-2024-3969 XML External Entity injection vulnerability in iManager — iManager 7.8 High2024-05-28
CVE-2024-4357 XML External Entity Processing Information Disclosure — Telerik Report Server 6.5 Medium2024-05-15
CVE-2024-3486 XML External Entity injection vulnerability in iManager — iManager 7.8 High2024-05-15
CVE-2024-30043 Microsoft SharePoint Server Information Disclosure Vulnerability — Microsoft SharePoint Enterprise Server 2016 6.5 Medium2024-05-14
CVE-2024-34345 @cyclonedx/cyclonedx-library Improper Restriction of XML External Entity Reference vulnerability — cyclonedx-javascript-library 8.1 High2024-05-09
CVE-2023-51605 Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability — Saia PG5 Controls Suite 5.5 -2024-05-03
CVE-2023-51604 Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability — Saia PG5 Controls Suite 5.5 -2024-05-03
CVE-2023-51602 Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability — Saia PG5 Controls Suite 5.5 -2024-05-03
CVE-2023-51601 Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability — Saia PG5 Controls Suite 5.5 -2024-05-03
CVE-2023-51600 Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability — Saia PG5 Controls Suite 5.5 -2024-05-03
CVE-2023-51591 Voltronic Power ViewPower Pro doDocument XML External Entity Processing Information Disclosure Vulnerability — ViewPower Pro 7.5 -2024-05-03
CVE-2023-44412 D-Link D-View addDv7Probe XML External Entity Processing Information Disclosure Vulnerability — D-View 7.5 -2024-05-03
CVE-2023-42035 Visualware MyConnection Server doIForward XML External Entity Processing Information Disclosure Vulnerability — MyConnection Server 7.5 -2024-05-03
CVE-2023-40507 LG Simple Editor copyContent XML External Entity Processing Information Disclosure Vulnerability — Simple Editor 7.5 -2024-05-03
CVE-2023-40506 LG Simple Editor copyContent XML External Entity Processing Information Disclosure Vulnerability — Simple Editor 7.5 -2024-05-03
CVE-2023-40503 LG Simple Editor saveXmlFile XML External Entity Processing Information Disclosure Vulnerability — Simple Editor 7.5 -2024-05-03
CVE-2023-39472 Inductive Automation Ignition SimpleXMLReader XML External Entity Processing Information Disclosure Vulnerability — Ignition 6.5 -2024-05-03
CVE-2024-29010 SonicWALL GMS 安全漏洞 — GMS 7.1 High2024-05-01
CVE-2024-22354 IBM WebSphere Application Server XML external entity injection — WebSphere Application Server 7.0 High2024-04-17
CVE-2024-25971 Dell PowerProtect Data Manager 代码问题漏洞 — PowerProtect Data Manager 5.5 Medium2024-03-28
CVE-2024-31139 JetBrains TeamCity 安全漏洞 — TeamCity 5.9 Medium2024-03-28
CVE-2024-2826 lakernote EasyAdmin saveReportFile xml external entity reference — EasyAdmin 6.3 Medium2024-03-22
CVE-2024-27266 IBM Maximo Application Suite XML external entity injection — Maximo Asset Management 8.2 High2024-03-14

Vulnerabilities classified as CWE-611 (XML外部实体引用的不恰当限制(XXE)) represent 417 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.