Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-611 (XML外部实体引用的不恰当限制(XXE)) — Vulnerability Class 417

417 vulnerabilities classified as CWE-611 (XML外部实体引用的不恰当限制(XXE)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-41034 DDFFileParser in eclipse leshan is vulnerable to XXE Attacks — leshan 6.5 Medium2023-08-31
CVE-2022-46751 Apache Ivy: XML External Entity vulnerability in Apache Ivy — Apache Ivy 8.6 -2023-08-21
CVE-2023-0871 An XML External Entity injection vulnerability — Horizon 5.4 Medium2023-08-11
CVE-2023-35389 Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability — Microsoft Dynamics 365 (on-premises) version 9.0 6.5 Medium2023-08-08
CVE-2020-26064 Cisco SD-WAN vManage 代码问题漏洞 — Cisco SD-WAN vManage 7.3 -2023-08-04
CVE-2023-30951 CVE-2023-30951 — com.palantir.magritte:magritte-rest-source-bundle 6.3 Medium2023-08-03
CVE-2023-38490 Kirby XML External Entity (XXE) vulnerability in the XML data handler — kirby 6.8 Medium2023-07-27
CVE-2023-37200 Schneider Electric EcoStruxure OPC UA Server Expert 代码问题漏洞 — EcoStruxure OPC UA Server Expert 5.5 Medium2023-07-12
CVE-2023-3113 Lenovo XClarity Administrator 代码问题漏洞 — Lenovo XClarity Administrator 8.2 High2023-06-26
CVE-2023-3276 Dromara HuTool XML Parsing Module XmlUtil.java readBySax xml external entity reference — HuTool 5.5 Medium2023-06-15
CVE-2023-32706 Denial Of Service due to Untrusted XML Tag in XML Parser within SAML Authentication — Splunk Enterprise 7.7 High2023-06-01
CVE-2023-2806 Weaver e-cology API RequestInfoByXml xml external entity reference — e-cology 5.5 Medium2023-05-19
CVE-2023-20174 Cisco Identity Services Engine XML External Entity Injection Vulnerabilities — Cisco Identity Services Engine Software 4.9 Medium2023-05-18
CVE-2023-20173 Cisco Identity Services Engine XML External Entity Injection Vulnerabilities — Cisco Identity Services Engine Software 4.9 Medium2023-05-18
CVE-2023-2161 Schneider Electric OPC Factory Server 代码问题漏洞 — OPC Factory Server (OFS) 5.0 Medium2023-05-16
CVE-2023-27554 IBM WebSphere Application Server XML external entity injection — WebSphere Application Server 6.3 Medium2023-05-11
CVE-2022-45876 CVE-2022-45876 — VBASE 5.5 -2023-04-26
CVE-2023-28828 Siemens Polarion 代码问题漏洞 — Polarion ALM 5.9 Medium2023-04-11
CVE-2023-27876 IBM TRIRIGA Application Platform XML external entity injection — TRIRIGA Application Platform 7.1 High2023-04-07
CVE-2023-20030 Cisco Identity Services Engine XML External Entity Injection Vulnerability — Cisco Identity Services Engine Software 6.0 Medium2023-04-05
CVE-2022-43941 Hitachi Vantara Pentaho Business Analytics Server - Improper Restriction of XML External Entity Reference — Pentaho Business Analytics Server 7.1 High2023-04-03
CVE-2022-43473 ManageEngine OpManager 代码问题漏洞 — OpManager 5.8 Medium2023-03-30
CVE-2022-36969 AVEVA Edge 代码问题漏洞 — Edge 5.5 -2023-03-29
CVE-2018-25082 zwczou WeChat SDK Python to_xml xml external entity reference — WeChat SDK Python 6.3 Medium2023-03-21
CVE-2023-27874 IBM Aspera Faspex XML external entity injection — Aspera Faspex 9.9 Critical2023-03-21
CVE-2023-26461 XML External Entity (XXE) vulnerability in SAP NetWeaver (SAP Enterprise Portal) — NetWeaver (SAP Enterprise Portal) 6.8 Medium2023-03-14
CVE-2023-1288 ENOVIA Live Collaboration V6R2013xE is affected by an XML External Entity injection (XXE) vulnerability — ENOVIA Live Collaboration 6.8 Medium2023-03-09
CVE-2023-27476 XML External Entity (XXE) Injection in OWSLib — OWSLib 8.2 High2023-03-07
CVE-2023-27480 Data leak through a XAR import XXE attack in xwiki-platform-xar-model — xwiki-platform 7.7 High2023-03-07
CVE-2023-26043 XML External Entity (XXE) injection in GeoServer style upload functionality — geonode 6.5 Medium2023-02-27

Vulnerabilities classified as CWE-611 (XML外部实体引用的不恰当限制(XXE)) represent 417 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.