• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-611

CVE-2020-24591

February 26, 2023 by

The Management Console in certain WSO2 products allows XXE attacks during EventReceiver updates. This affects API Manager through 3.0.0, API Manager Analytics 2.2.0 and 2.5.0, API Microgateway 2.2.0, Enterprise Integrator 6.2.0 and 6.3.0, and Identity Server Analytics through 5.6.0.

CVE-2020-24454

February 26, 2023 by

Improper Restriction of XML External Entity Reference in subsystem forIntel(R) Quartus(R) Prime Pro Edition before version 20.3 and Intel(R) Quartus(R) Prime Standard Edition before version 20.2 may allow unauthenticated user to potentially enable information disclosure via network access.

CVE-2020-24379

February 26, 2023 by

WebDAV implementation in Yaws web server versions 1.81 to 2.0.7 is vulnerable to XXE injection.

CVE-2020-24052

February 26, 2023 by

Several XML External Entity (XXE) vulnerabilities in the Moog EXO Series EXVF5C-2 and EXVP7C2-3 units allow remote unauthenticated users to read arbitrary files via a crafted Document Type Definition (DTD) in an XML request.

CVE-2020-2324

February 26, 2023 by

Jenkins CVS Plugin 2.16 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

CVE-2020-2305

February 26, 2023 by

Jenkins Mercurial Plugin 2.11 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 39
  • Go to page 40
  • Go to page 41
  • Go to page 42
  • Go to page 43
  • Interim pages omitted …
  • Go to page 107
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE