Total
1076 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-5602 | 1 Mitsubishielectric | 20 Cpu Module Logging Configuration Tool, Cw Configurator, Em Configurator and 17 more | 2024-08-04 | 7.5 High |
| Mitsubishi Electoric FA Engineering Software (CPU Module Logging Configuration Tool Ver. 1.94Y and earlier, CW Configurator Ver. 1.010L and earlier, EM Software Development Kit (EM Configurator) Ver. 1.010L and earlier, GT Designer3 (GOT2000) Ver. 1.221F and earlier, GX LogViewer Ver. 1.96A and earlier, GX Works2 Ver. 1.586L and earlier, GX Works3 Ver. 1.058L and earlier, M_CommDTM-HART Ver. 1.00A, M_CommDTM-IO-Link Ver. 1.02C and earlier, MELFA-Works Ver. 4.3 and earlier, MELSEC-L Flexible High-Speed I/O Control Module Configuration Tool Ver.1.004E and earlier, MELSOFT FieldDeviceConfigurator Ver. 1.03D and earlier, MELSOFT iQ AppPortal Ver. 1.11M and earlier, MELSOFT Navigator Ver. 2.58L and earlier, MI Configurator Ver. 1.003D and earlier, Motion Control Setting Ver. 1.005F and earlier, MR Configurator2 Ver. 1.72A and earlier, MT Works2 Ver. 1.156N and earlier, RT ToolBox2 Ver. 3.72A and earlier, and RT ToolBox3 Ver. 1.50C and earlier) allows an attacker to conduct XML External Entity (XXE) attacks via unspecified vectors. | ||||
| CVE-2020-2324 | 1 Jenkins | 1 Cvs | 2024-08-04 | 7.5 High |
| Jenkins CVS Plugin 2.16 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | ||||
| CVE-2020-2304 | 2 Jenkins, Redhat | 2 Subversion, Openshift | 2024-08-04 | 6.5 Medium |
| Jenkins Subversion Plugin 2.13.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | ||||
| CVE-2020-2305 | 2 Jenkins, Redhat | 2 Mercurial, Openshift | 2024-08-04 | 6.5 Medium |
| Jenkins Mercurial Plugin 2.11 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | ||||
| CVE-2020-2284 | 1 Jenkins | 1 Liquibase Runner | 2024-08-04 | 7.1 High |
| Jenkins Liquibase Runner Plugin 1.4.5 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | ||||
| CVE-2020-2245 | 1 Jenkins | 1 Valgrind | 2024-08-04 | 7.1 High |
| Jenkins Valgrind Plugin 0.28 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | ||||
| CVE-2020-2247 | 1 Jenkins | 1 Klocwork Analysis | 2024-08-04 | 6.5 Medium |
| Jenkins Klocwork Analysis Plugin 2020.2.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | ||||
| CVE-2020-2178 | 1 Jenkins | 1 Parasoft Findings | 2024-08-04 | 7.1 High |
| Jenkins Parasoft Findings Plugin 10.4.3 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | ||||
| CVE-2020-2144 | 1 Jenkins | 1 Rundeck | 2024-08-04 | 7.1 High |
| Jenkins Rundeck Plugin 3.6.6 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | ||||
| CVE-2020-2138 | 1 Jenkins | 1 Cobertura | 2024-08-04 | 7.1 High |
| Jenkins Cobertura Plugin 1.15 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | ||||
| CVE-2020-2120 | 1 Jenkins | 1 Fitnesse | 2024-08-04 | 8.8 High |
| Jenkins FitNesse Plugin 1.30 and earlier does not configure the XML parser to prevent XML external entity (XXE) attacks. | ||||
| CVE-2020-2171 | 1 Jenkins | 1 Rapiddeploy | 2024-08-04 | 8.8 High |
| Jenkins RapidDeploy Plugin 4.2 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | ||||
| CVE-2020-2115 | 1 Jenkins | 1 Nunit | 2024-08-04 | 8.8 High |
| Jenkins NUnit Plugin 0.25 and earlier does not configure the XML parser to prevent XML external entity (XXE) attacks. | ||||
| CVE-2020-2108 | 1 Jenkins | 1 Websphere Deployer | 2024-08-04 | 7.6 High |
| Jenkins WebSphere Deployer Plugin 1.6.1 and earlier does not configure the XML parser to prevent XXE attacks which can be exploited by a user with Job/Configure permissions. | ||||
| CVE-2020-2092 | 1 Jenkins | 1 Robot Framework | 2024-08-04 | 8.8 High |
| Jenkins Robot Framework Plugin 2.0.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks, allowing users with Job/Configure to have Jenkins parse crafted XML documents. | ||||
| CVE-2020-1693 | 1 Redhat | 1 Spacewalk | 2024-08-04 | 8.6 High |
| A flaw was found in Spacewalk up to version 2.9 where it was vulnerable to XML internal entity attacks via the /rpc/api endpoint. An unauthenticated remote attacker could use this flaw to retrieve the content of certain files and trigger a denial of service, or in certain circumstances, execute arbitrary code on the Spacewalk server. | ||||
| CVE-2021-46660 | 1 Signiant | 1 Manager\+agents | 2024-08-04 | 9.8 Critical |
| Signiant Manager+Agents before 15.1 allows XML External Entity (XXE) attacks. | ||||
| CVE-2021-46365 | 1 Magnolia-cms | 1 Magnolia Cms | 2024-08-04 | 7.8 High |
| An issue in the Export function of Magnolia v6.2.3 and below allows attackers to execute XML External Entity attacks via a crafted XLF file. | ||||
| CVE-2021-45981 | 1 Netscout | 1 Ngeniusone | 2024-08-04 | 9.8 Critical |
| NetScout nGeniusONE 6.3.2 allows an XML External Entity (XXE) attack. | ||||
| CVE-2021-45024 | 1 Rocketsoftware | 1 Ags-zena | 2024-08-04 | 9.8 Critical |
| ASG technologies ( A Rocket Software Company) ASG-Zena Cross Platform Server Enterprise Edition 4.2.1 is vulnerable to XML External Entity (XXE). | ||||