CWE-611 (Improper Restriction of XML External Entity Reference (XXE)) — Vulnerability Class 417

417 vulnerabilities classified as CWE-611 (Improper Restriction of XML External Entity Reference (XXE)). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-50168 | Pegasystem PEGA Platform code issue vulnerability — Pega Platform | 7.7 | High | 2024-03-14 |
| CVE-2024-28198 | XML external entity (XXE) injection in OpenOLAT — OpenOLAT | 4.6 | Medium | 2024-03-11 |
| CVE-2023-25926 | IBM Security Guardium Key Lifecycle Manager XML external entity injection — Security Guardium Key Lifecycle Manager | 5.5 | Medium | 2024-02-29 |
| CVE-2023-50380 | Apache Ambari: authenticated users could perform XXE to read arbitrary files on the server — Apache Ambari | 8.1 | - | 2024-02-27 |
| CVE-2024-25129 | Limited data exfiltration in CodeQL CLI — codeql-cli-binaries | 2.7 | Low | 2024-02-22 |
| CVE-2024-25606 | Liferay Portal and Liferay DXP security vulnerability — Portal | 8.0 | High | 2024-02-20 |
| CVE-2024-24743 | XXE vulnerability in SAP NetWeaver AS Java (Guided Procedures) — SAP NetWeaver AS Java (Guided Procedures) | 8.6 | High | 2024-02-13 |
| CVE-2023-32327 | IBM Security Access Manager Container XML external entity injection — Security Verify Access Appliance | 7.1 | High | 2024-02-03 |
| CVE-2024-1167 | SEW-EURODRIVE MOVITOOLS MotionStudio Improper Restriction of XML External Entity Reference — MOVITOOLS MotionStudio | 5.5 | Medium | 2024-02-01 |
| CVE-2023-4554 | XML External Entity (XXE) Processing — AppBuilder | 4.9 | Medium | 2024-01-29 |
| CVE-2023-45139 | fonttools XML External Entity Injection (XXE) Vulnerability — fonttools | 7.5 | High | 2024-01-10 |
| CVE-2023-6149 | Possible XXE vulnerability in Jenkins Plugin for Qualys Web Application Security — Web App Scanning Connector Jenkins Plugin | 5.7 | Medium | 2024-01-09 |
| CVE-2023-6147 | Possible XXE vulnerability in Jenkins Plugin for Qualys Policy Compliance — Policy Compliance Connector Jenkins Plugin | 5.7 | Medium | 2024-01-09 |
| CVE-2023-6280 | XML External Entity Reference on 52North WPS — 52North WPS | 7.2 | High | 2023-12-19 |
| CVE-2023-6836 | WSO2 API Manager security vulnerability — WSO2 API Manager | 4.6 | Medium | 2023-12-15 |
| CVE-2023-6721 | Improper Restriction of XML External Entity Reference in Repox — Repox | 8.3 | High | 2023-12-13 |
| CVE-2023-6194 | Eclipse Memory Analyzer code issue vulnerability — Eclipse Memory Analyzer (tools.mat) | 2.8 | Low | 2023-12-11 |
| CVE-2023-49733 | Apache Cocoon's StreamGenerator is vulnerable to XXE injection — Apache Cocoon | 7.5 | - | 2023-11-30 |
| CVE-2023-22274 | ZDI-CAN-21305: Adobe RoboHelp Server UpdateCommandStream XML External Entity Processing Information Disclosure Vulnerability — RoboHelp | 7.5 | High | 2023-11-17 |
| CVE-2023-46590 | Siemens OPC UA Modelling Editor security vulnerability — Siemens OPC UA Modelling Editor (SiOME) | 7.5 | High | 2023-11-14 |
| CVE-2023-4218 | XXE in eclipse.platform / Eclipse IDE — Eclipse IDE | 5.0 | Medium | 2023-11-09 |
| CVE-2023-5136 | Incorrect Permission Assignment in the TopoGrafix DataPlugin for GPX — TopoGrafix DataPlugin for GPX | 5.5 | Medium | 2023-11-08 |
| CVE-2023-43067 | Dell Unity code issue vulnerability — Unity | 4.9 | Medium | 2023-10-23 |
| CVE-2023-36419 | Azure HDInsight Apache Oozie Workflow Scheduler XXE Elevation of Privilege Vulnerability — Azure HDInsight | 8.8 | High | 2023-10-10 |
| CVE-2023-41365 | Information Disclosure vulnerability in SAP Business One (B1i) — SAP Business One (B1i) | 4.3 | Medium | 2023-10-10 |
| CVE-2023-45612 | JetBrains Ktor code issue vulnerability — Ktor | 8.6 | High | 2023-10-09 |
| CVE-2023-42445 | Possible local file exfiltration by XML External entity injection — gradle | 6.8 | Medium | 2023-10-06 |
| CVE-2023-3892 | Unsafe XML parsing of 3rd party DICOM private tags may lead to XXE — MIM Assistant | 5.6 | Medium | 2023-09-19 |
| CVE-2023-41369 | External Entity Loop vulnerability in SAP S/4HANA (Create Single Payment application) — SAP S/4HANA (Create Single Payment application) | 3.5 | Low | 2023-09-12 |
| CVE-2023-35892 | IBM Financial Transaction Manager for SWIFT Services XML external entity injection — Financial Transaction Manager for SWIFT Services | 7.1 | High | 2023-09-04 |

Vulnerabilities classified as CWE-611 (Improper Restriction of XML External Entity Reference (XXE)) represent 417 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.