CWE-611
Improper Restriction of XML External Entity Reference
The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.
1,228 vulnerabilities with CWE-611
CVE-2025-4949
MEDIUM
Eclipse Jgit < 5.13.4 - Denial of Service
CVSS 5.3
CVE-2025-27523
HIGH
Hitachi JP1/IT Desktop Management 2 - Smart Device Manager <12-00-0...
CVSS 8.7
CVE-2025-4641
CRITICAL
bonigarcia webdrivermanager <6.0.2 - SSRF
CVE-2025-4639
HIGH
Peergos <1.1.0 - XML External Entity Reference
CVE-2025-47778
MEDIUM
Sulu < 2.5.25 - XXE
CVE-2025-30018
HIGH
SAP SRM - Info Disclosure
CVSS 8.6
CVE-2025-2777
CRITICAL
SysAid On-Prem <= 23.3.40 - XML External Entity
CVSS 9.3
CVE-2025-2776
CRITICAL
KEV
SysAid On-Prem <= 23.3.40 - XML External Entity
CVSS 9.3
CVE-2025-2775
CRITICAL
KEV
SysAid On-Prem <= 23.3.40 - XML External Entity
CVSS 9.3
CVE-2025-22478
HIGH
Dell Storage Manager - XXE
CVSS 8.1
CVE-2025-46726
CRITICAL
Langroid <0.53.4 - DoS
CVSS 9.1
CVE-2025-2905
CRITICAL
WSO2 Products - XXE
CVSS 9.1
CVE-2025-34490
MEDIUM
GFI Mailessentials < 21.8 - XXE
CVSS 6.5
CVE-2025-2070
MEDIUM
FileZ - Info Disclosure
CVSS 5.0
CVE-2025-24911
MEDIUM
Hitachi V - Info Disclosure
CVSS 4.9
CVE-2025-24910
MEDIUM
Hitachi V - Info Disclosure
CVSS 4.9
CVE-2025-31497
HIGH
TEIGarage - XXE Injection
CVSS 7.5
CVE-2025-32406
HIGH
NAKIVO Backup & Replication <11.0.2 - XSS
CVSS 8.6
CVE-2025-32138
MEDIUM
Supsystic Easy Google Maps <1.11.17 - XML Injection
CVSS 6.6
CVE-2025-3241
MEDIUM
zhangyanbo2007 youkefu <4.2.0 - SSRF
CVSS 6.3
CVE-2025-31487
HIGH
Org.xwiki.contrib.jira Jira-macro-default < 8.5.6 - XXE
CVSS 7.7
CVE-2025-1781
MEDIUM
W3CSS Validator <cssval-20250226 - SSRF
CVSS 6.5
CVE-2025-29932
MEDIUM
JetBrains GoLand <2025.1 - XSS
CVSS 4.1
CVE-2025-25036
MEDIUM
Jalios JPlatform <10.0.8 - XML Injection
CVSS 6.8
CVE-2025-2365
MEDIUM
crmeb_java <1.3.4 - SSRF
CVSS 6.3
Details
Vulnerabilities
1,228