The alibaba (aka com.alibaba.wireless) application 4.1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted...
6.6AI Score
0.0005EPSS
Buffer overflow in Alibaba web server allows remote attackers to cause a denial of service via a long GET...
7.1AI Score
0.009EPSS
genkey utility in Alibaba 2.0 generates RSA key pairs with an exponent of 1, which results in transactions that are sent in...
7.4AI Score
0.012EPSS
Alibaba web server allows remote attackers to execute commands via a pipe character in a malformed...
7.4AI Score
0.003EPSS
7.4AI Score
0.019EPSS