CWE-776: CWE-776

CVE-2021-32623 is a billion laughs attack vulnerability in Opencast that allows authenticated users with ingest privileges to execute a permanent deni...

SVGO versions 2.1.0-2.8.0, 3.0.0-3.3.2, and before 4.0.1 are vulnerable to XML entity expansion attacks. Attackers can craft small malicious SVG files...

CVE-2024-28757 is an XML Entity Expansion vulnerability in libexpat that allows attackers to cause denial of service through resource exhaustion when ...

Typecho v1.2.1 is vulnerable to an XML Quadratic Blowup attack through its XML-RPC endpoint at /index.php/action/xmlrpc. This allows attackers to caus...

This CVE describes an XML Entity Expansion (XEE) vulnerability in Tryton Application Platform that allows unauthenticated attackers to send crafted XM...

This XML entity expansion vulnerability in HX 10.0.0 and earlier allows attackers to cause denial of service by sending specially crafted data to the ...

This vulnerability affects Toshiba printers that use XML communication for their API endpoint. Attackers can exploit a time-based blind XML External E...

This vulnerability in Apport's settings file parsing allows a billion laughs attack (XML entity expansion) that can cause denial of service through ex...