CVE-2022-45194 CBRN-Analysis before 22 allows XXE attacks, leading to NTLMv2-SSP hash disclosure.
CVE-2016-3626 An XXE attack can occur when parsing am mws XML document in CCM before 22 allows XXE attacks via am mws XML document, leading
CVE-2022-43120 An XSS vulnerability in Intelliants Subrion CMS v4.2.1 allows attackers to execute arbitrary web scripts or HTML.
This issue is rated as critical due to the possibility of remote code execution and the fact that it can be exploited via a maliciously
CVE-2022-43570 - XXE Injection Vulnerability in Splunk Enterprise Leads to Sensitive Data Leakage and System Compromise
The security vulnerability CVE-2022-43570 has been detected in various versions of Splunk Enterprise. This security flaw arises due to an XML External Entity (XXE) injection
CVE-2022-3340: XML External Entity (XXE) Vulnerability in Trellix IPS Manager Results in Admin Interface Exploitation
A newly discovered vulnerability, CVE-2022-3340, has been identified in the Trellix IPS Manager versions prior to 10.1 M8. The critical bug occurs due to
CVE-2022-40747 IBM InfoSphere Information Server is vulnerable to an XML External Entity Injection attack. An attacker could exploit this to reveal sensitive information or consume memory resources.
Information on possible vectors of attack and fixes can be found here. Information on possible vectors of attack and fixes can be found here. CVE-2018-3092
Episode
00:00:00
00:00:00