Total
87 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-37154 | 1 Forgerock | 1 Access Management | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
In ForgeRock Access Management (AM) before 7.0.2, the SAML2 implementation allows XML injection, potentially enabling a fraudulent SAML 2.0 assertion. | |||||
CVE-2021-31347 | 2 Debian, Ezxml Project | 2 Debian Linux, Ezxml | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_parse_str() performs incorrect memory handling while parsing crafted XML files (writing outside a memory region created by mmap). | |||||
CVE-2021-36359 | 1 Bscw | 1 Bscw Classic | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
OrbiTeam BSCW Classic before 7.4.3 allows exportpdf authenticated remote code execution (RCE) via XML tag injection because reportlab\platypus\paraparser.py (reached via bscw.cgi op=_editfolder.EditFolder) calls eval on attacker-supplied Python code. This is fixed in 5.0.12, 5.1.10, 5.2.4, 7.3.3, and 7.4.3. | |||||
CVE-2021-36020 | 1 Adobe | 2 Adobe Commerce, Magento Open Source | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability in the 'City' field. An unauthenticated attacker can trigger a specially crafted script to achieve remote code execution. | |||||
CVE-2021-32758 | 1 Openmage | 1 Openmage | 2024-02-28 | 9.0 HIGH | 7.2 HIGH |
OpenMage Magento LTS is an alternative to the Magento CE official releases. Prior to versions 19.4.15 and 20.0.11, layout XML enabled admin users to execute arbitrary commands via block methods. The latest OpenMage Versions up from v19.4.15 and v20.0.11 have this Issue patched. | |||||
CVE-2020-29128 | 1 Petl Project | 1 Petl | 2024-02-28 | 6.8 MEDIUM | 9.8 CRITICAL |
petl before 1.68, in some configurations, allows resolution of entities in an XML document. | |||||
CVE-2017-15683 | 1 Craftercms | 1 Crafter Cms | 2024-02-28 | 5.0 MEDIUM | 8.6 HIGH |
In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to create a site with specially crafted XML that allows the retrieval of OS files out-of-band. | |||||
CVE-2021-21025 | 1 Magento | 1 Magento | 2024-02-28 | 6.5 MEDIUM | 9.1 CRITICAL |
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to XML injection in the product layout updates. Successful exploitation could lead to arbitrary code execution by an authenticated attacker. Access to the admin console is required for successful exploitation. | |||||
CVE-2020-29599 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it was therefore possible to inject additional shell commands via coders/pdf.c. | |||||
CVE-2020-4774 | 1 Ibm | 1 Curam Social Program Management | 2024-02-28 | 5.5 MEDIUM | 5.4 MEDIUM |
An XPath vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10, caused by the improper handling of user-supplied input. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to obtain unauthorized access or reveal sensitive information such as XML document structure and content. IBM X-Force ID: 189152. | |||||
CVE-2021-21019 | 1 Magento | 1 Magento | 2024-02-28 | 6.5 MEDIUM | 9.1 CRITICAL |
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to XML injection in the Widgets module. Successful exploitation could lead to arbitrary code execution by an authenticated attacker. Access to the admin console is required for successful exploitation. | |||||
CVE-2017-15685 | 1 Craftercms | 1 Crafter Cms | 2024-02-28 | 5.0 MEDIUM | 8.6 HIGH |
Crafter CMS Crafter Studio 3.0.1 is affected by: XML External Entity (XXE). An unauthenticated attacker is able to create a site with specially crafted XML that allows the retrieval of OS files out-of-band. | |||||
CVE-2020-8479 | 1 Abb | 3 800xa System, Compact Hmi, Control Builder Safe | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody Composer 5.3, 6.1/6.2 and SPE for Melody 1.0SPx (Composer 6.3), Harmony OPC Server (HAOPC) Standalone 6.0, 6.1 and 7.0, ABB Ability™ System 800xA/ Advant® OCS Control Builder A 1.3 and 1.4, Advant® OCS AC100 OPC Server 5.1, 6.0 and 6.1, Composer CTK 6.1 and 6.2, AdvaBuild 3.7 SP1 and SP2, OPCServer for MOD 300 (non-800xA) 1.4, OPC Data Link 2.1 and 2.2, Knowledge Manager 8.0, 9.0 and 9.1, Manufacturing Operations Management 1812 and 1909, ABB AbilityTM SCADAvantage versions 5.1 to 5.6.5. an XML External Entity Injection vulnerability exists that allows an attacker to read or call arbitrary files from the license server and/or from the network and also block the license handling. | |||||
CVE-2020-11535 | 1 Onlyoffice | 1 Document Server | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in ONLYOFFICE Document Server 5.5.0. An attacker can craft a malicious .docx file, and exploit XML injection to enter an attacker-controlled parameter into the x2t binary, to rewrite this binary and/or libxcb.so.1, and execute code on a victim's server. | |||||
CVE-2020-6260 | 1 Sap | 1 Solution Manager | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
SAP Solution Manager (Trace Analysis), version 7.20, allows an attacker to inject superflous data that can be displayed by the application, due to Incomplete XML Validation. The application shows additional data that do not actually exist. | |||||
CVE-2020-6271 | 1 Sap | 1 Solution Manager | 2024-02-28 | 5.5 MEDIUM | 8.2 HIGH |
SAP Solution Manager (Problem Context Manager), version 7.2, does not perform the necessary authentication, allowing an attacker to consume large amounts of memory, causing the system to crash and read restricted data (files visible for technical administration users of the diagnostics agent). | |||||
CVE-2020-25216 | 1 Yworks | 1 Yed | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
yWorks yEd Desktop before 3.20.1 allows code execution via an XSL Transformation when using an XML file in conjunction with a custom stylesheet. | |||||
CVE-2014-1409 | 1 Mobileiron | 2 Sentry, Virtual Smartphone Platform | 2024-02-28 | 6.4 MEDIUM | 9.1 CRITICAL |
MobileIron VSP versions prior to 5.9.1 and Sentry versions prior to 5.0 have an authentication bypass vulnerability due to an XML file with obfuscated passwords | |||||
CVE-2019-4539 | 1 Ibm | 1 Security Directory Server | 2024-02-28 | 5.5 MEDIUM | 7.1 HIGH |
IBM Security Directory Server 6.4.0 does not properly neutralize special elements that are used in XML, allowing attackers to modify the syntax, content, or commands of the XML before it is processed by an end system. IBM X-Force ID: 165812. | |||||
CVE-2019-8158 | 1 Magento | 1 Magento | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
An XPath entity injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An attacker can craft a GET request to page cache block rendering module that gets passed to XML data processing engine without validation. The crafted key/value GET request data allows an attacker to limited access to underlying XML data. |