CVE List by Type: XXE (Filtered by Published Year)

Explore CVEs related to XXE vulnerabilities, filtered by published year. This list is sorted by most recent disclosures first and supports filtering by CVSS and EPSS risk scores.

Includes the most recent vulnerability disclosures and trends, helping security teams quickly identify high-risk issues and exploitation likelihood.

You're viewing XXE CVEs published in 2012. View full CVE list

Showing 14 of 4 results
«« First « Prev Page 1 / 1 Next »
CVE Description Max CVSS EPSS % Published Updated
CVE-2012-2239 Mahara 1.4.x before 1.4.4 and 1.5.x before 1.5.3 allows remote attackers to read arbitrary files or create TCP connections via an XML external entity (XXE) injection attack, as demonstrated by reading config.php. 9.1 1.55% 2012-11-24 2026-06-16
CVE-2012-4399 The Xml class in CakePHP 2.1.x before 2.1.5 and 2.2.x before 2.2.1 allows remote attackers to read arbitrary files via XML data containing external entity references, aka an XML external entity (XXE) injection attack. 7.5 12.09% 2012-10-09 2026-06-16
CVE-2012-3489 The xml_parse function in the libxml2 support in the core server component in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 allows remote authenticated users to determine the existence of arbitrary files or URLs, and possibly obtain file or URL content that triggers a parsing error, via an XML value that refers to (1) a DTD or (2) an entity, related to an XML External Entity (aka XXE) issue. 6.5 3.06% 2012-10-03 2026-06-16
CVE-2012-0037 Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document. 6.5 13.68% 2012-06-16 2026-06-16
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence