• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-611

CVE-2021-44028

February 23, 2023 by

XXE can occur in Quest KACE Desktop Authority before 11.2 because the log4net configuration file might be controlled by an attacker, a related issue to CVE-2018-1285.

CVE-2021-43990

February 23, 2023 by

The affected product is vulnerable to a network-based attack by threat actors supplying a crafted, malicious XML payload designed to trigger an external entity reference call.

CVE-2021-43576

February 23, 2023 by

Jenkins pom2config Plugin 1.2 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks, allowing attackers with Overall/Read and Item/Read permissions to have Jenkins parse a crafted XML file that uses external entities for extraction of secrets from the Jenkins controller or server-side request forgery.

CVE-2021-43577

February 23, 2023 by

Jenkins OWASP Dependency-Check Plugin 5.1.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

CVE-2021-43142

February 23, 2023 by

An XML External Entity (XXE) vulnerability exists in wuta jox 1.16 in the readObject method in JOXSAXBeanInput.

CVE-2021-43090

February 23, 2023 by

An XML External Entity (XXE) vulnerability exists in soa-model before 1.6.4 in the WSDLParser function.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 69
  • Go to page 70
  • Go to page 71
  • Go to page 72
  • Go to page 73
  • Interim pages omitted …
  • Go to page 107
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE