CVE-2023-25926 - XML External Entity Injection (XXE) vulnerability in IBM Security Guardium Key Lifecycle Manager and its implications
IBM Security Guardium Key Lifecycle Manager (GKLM) is widely utilized to manage encryption keys across an organization, ensuring protection against unauthorized data loss. It plays
CVE-2023-50380: XML External Entity Injection Vulnerability in Apache Ambari Versions <= 2.7.7
A severe security vulnerability has been discovered in Apache Ambari versions up to and including 2.7.7, which can lead to root-level file reading
CVE-2023-42445 - Gradle XML External Entity Injection (XXE) Vulnerability with OOB-XXE Attack: Exploitation, Mitigation, and Code Examples
Gradle, a popular build automation tool supporting various programming languages, has been found to be vulnerable to an XML External Entity Injection (XXE) attack, specifically
CVE-2023-41933: Jenkins Job Configuration History Plugin Vulnerable to XML External Entity Attacks
Recently, a critical vulnerability has been discovered in Jenkins Job Configuration History Plugin (versions 1227.v7a_79fc4dc01f and earlier) which exposes users to XML External
CVE-2023-41635: XXE Vulnerability in GruppoSCAI RealGimm v1.1.37p38 - VerifichePeriodiche.aspx Component
It has recently come to light that GruppoSCAI's RealGimm v1.1.37p38 software, specifically its VerifichePeriodiche.aspx component, is prone to an XML
Episode
00:00:00
00:00:00