Search Vulnerabilities

Grav - XML External Entity Injection via SVG Upload

libxml2: Use after free in xmlParseInternalSubset via improper entity resolution handling

zhilink 智互联(深圳)科技有限公司 ADP Application Developer Platform 应用开发者平台 XML Parser import xml external entity reference

pam_usb: xmlReadFile flags=0 permits XXE network entity fetching in conf.c

GeoServer has a Server-Side Request Forgery (SSRF) Vulnerability in its XML Entity Resolution

Apache CXF: XML External Entity (XXE) Injection in W3CMultiSchemaFactory and EndpointReferenceUtils

Jaxp13 XPath XXE via StreamSource and SAXSource

XML External Entity (XXE) injection when documenting untrusted XML content

ColdFusion | Improper Restriction of XML External Entity Reference ('XXE') (CWE-611)

CWE-611 Improper Restriction of XML External Entity Reference vulnerability exists that could cause information disclosure of server-side file cont...

In JetBrains IntelliJ IDEA before 2026

Hitachi Vantara Pentaho Data Integration & Analytics - Improper Restriction of XML External Entity Reference

IBM Engineering Lifecycle Management - Jazz Foundation is vulnerable to XML external entity injection (XXE) attack

Apache CXF: XXE vulnerability in WS-Transfer functionality

XML External Entity Injection in extension "Faceted Search" (ke_search)

ERPNext: XML External Entity (XEE) Reference Vulnerability in the EDI Module

changedetection.io: XXE vulnerability in the changedetection.io project

SolidCAM-GPPL-IDE: XML External Entity (XXE) and billion-laughs DoS in VMID parser

Vvveb < 1.0.8.2 XML External Entity Injection via Import

Apache OpenNLP: XXE via Dictionary Parsing in DictionaryEntryPersistor