Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Active Trade Security Vulnerabilities

cve
cve

CVE-2020-36518

jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested...

7.5CVSS

7.4AI Score

0.002EPSS

2022-03-11 07:15 AM
343
11
cve
cve

CVE-2021-36090

When reading a specially crafted ZIP archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' zip...

7.5CVSS

7.4AI Score

0.012EPSS

2021-07-13 08:15 AM
292
13
cve
cve

CVE-2021-35515

When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop. This could be used to mount a denial of service attack against services that use Compress' sevenz...

7.5CVSS

7.1AI Score

0.021EPSS

2021-07-13 08:15 AM
224
11
cve
cve

CVE-2021-35517

When reading a specially crafted TAR archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' tar...

7.5CVSS

7.3AI Score

0.014EPSS

2021-07-13 08:15 AM
223
9
cve
cve

CVE-2021-23337

Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template...

7.2CVSS

7.1AI Score

0.006EPSS

2021-02-15 01:15 PM
245
10
cve
cve

CVE-2021-21290

Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty before version 4.1.59.Final there is a vulnerability on Unix-like systems involving an insecure temp file. When netty's...

6.2CVSS

5.8AI Score

0.0004EPSS

2021-02-08 08:15 PM
300
23
cve
cve

CVE-2019-10219

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS...

6.1CVSS

6AI Score

0.002EPSS

2019-11-08 03:15 PM
169
6
cve
cve

CVE-2008-5627

SQL injection vulnerability in account.asp in Active Trade 2 allows remote attackers to execute arbitrary SQL commands via the (1) username parameter (aka Email field) or the (2) password parameter. NOTE: some of these details are obtained from third party...

8.5AI Score

0.001EPSS

2008-12-17 05:30 PM
20
cve
cve

CVE-2007-1705

SQL injection vulnerability in default.asp in Active Trade 2 allows remote attackers to execute arbitrary SQL commands via the catid...

8.4AI Score

0.004EPSS

2007-03-27 01:19 AM
25