XXE - CVE CyberSecurity Database News (Page 2)

Jun 13, 2024 XXE Exploit

CVE-2024-34102: XXE Vulnerability Plagues Adobe Commerce, Potentially Leading to Arbitrary Code Execution

Researchers have disclosed a new security vulnerability, CVE-2024-34102, that affects several versions of Adobe Commerce, including versions 2.4.7, 2.4.6-p5, 2.4.

Apr 17, 2024 XXE Exploit PHP IBM WebSphere Application Server

CVE-2024-22354 - XML External Entity Injection Vulnerability Found in IBM WebSphere Application Server Versions 8.5, 9., and Liberty 17...3 to 24...5

Security researchers have discovered a critical vulnerability in IBM WebSphere Application Server versions 8.5, 9. and IBM WebSphere Application Server Liberty 17...3 through

Feb 29, 2024 XXE Exploit Java IBM Security Guardium Key Lifecycle Manager

CVE-2023-25926 - XML External Entity Injection (XXE) vulnerability in IBM Security Guardium Key Lifecycle Manager and its implications

IBM Security Guardium Key Lifecycle Manager (GKLM) is widely utilized to manage encryption keys across an organization, ensuring protection against unauthorized data loss. It plays

Feb 27, 2024 XXE Exploit Apache PHP

CVE-2023-50380: XML External Entity Injection Vulnerability in Apache Ambari Versions <= 2.7.7

A severe security vulnerability has been discovered in Apache Ambari versions up to and including 2.7.7, which can lead to root-level file reading

Oct 6, 2023 XXE Exploit gradle

CVE-2023-42445 - Gradle XML External Entity Injection (XXE) Vulnerability with OOB-XXE Attack: Exploitation, Mitigation, and Code Examples

Gradle, a popular build automation tool supporting various programming languages, has been found to be vulnerable to an XML External Entity Injection (XXE) attack, specifically