Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.14 views

EUVD-2023-40743

Malicious code in bioql PyPI...

7CVSS7.4AI score0.02252EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/20 4:49 p.m.19 views

Security Bulletin: Apache Axis1 CVE-2023-40743 security vulnerability in FileNet Content Manager, Process Engine Process Orchestration

Summary Apache Axis1 CVE-2023-40743 security vulnerability in FileNet Content Manager, Process Engine Process Orchestration. Affected, not vulnerable. Vulnerability Details CVEID:CVE-2023-40743 DESCRIPTION: UNSUPPORTED WHEN ASSIGNED When integrating Apache Axis 1.x in an application, it may not...

9.8CVSS6.8AI score0.01931EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/31 9:0 a.m.36 views

Security Bulletin: IBM Sterling Control Center is vulnerable to denial of service attack due to Apache Axis (CVE-2023-40743)

Summary IBM Sterling Control Center uses Apache Axis. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-40743 DESCRIPTION: Apache Axis could allow a remote attacker to execute arbitrary code on the system, caused by improper input...

9.8CVSS9.8AI score0.01931EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2023/11/03 12:0 a.m.27 views

Ubuntu: Security Advisory (USN-6470-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.01931EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2023/11/02 9:23 a.m.58 views

USN-6470-1: Axis vulnerability

It was discovered that Axis incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2023-40743...

9.8CVSS8.4AI score0.01931EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/11/02 12:0 a.m.29 views

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : Axis vulnerability (USN-6470-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has a package installed that is affected by a vulnerability as referenced in the USN-6470-1 advisory. It was discovered that Axis incorrectly handled certain inputs. If a user or an automated system were tricked...

9.8CVSS8.5AI score0.01931EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/10/23 12:0 a.m.24 views

Debian: Security Advisory (DLA-3622-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.01931EPSS
Exploits0References4
Debian
Debian
added 2023/10/17 12:51 p.m.30 views

[SECURITY] [DLA 3622-1] axis security update

Debian LTS Advisory DLA-3622-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany October 17, 2023 https://wiki.debian.org/LTS Package : axis Version : 1.4-28+deb10u1 CVE ID : CVE-2023-40743 Debian Bug : 1051288 Letian Yuan discovered a flaw in Apache Axis 1.x, a SOA...

9.8CVSS7.4AI score0.01931EPSS
Exploits0
Circl
Circl
added 2023/09/05 6:17 p.m.7 views

CVE-2023-40743

creationtimestamp| type| source ---|---|--- 2023-09-05 18:17:06+00:00| published-proof-of-concept| https://t.me/cibsecurity/69856...

9.8CVSS8.3AI score0.01931EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2023/09/05 3:30 p.m.7 views

cn.net.vidyo:dylink-vidyo-ws-sdk (>=2.1.0.16.RELEASE <=3.0.0.3.RELEASE), com.aftia.plugin:aem-build-maven-plugin.core (>=1.2.1 <=1.2.2) +286 more potentially affected by CVE-2023-40743 via org.apache.axis:axis (=1.4)

org.apache.axis:axis MAVEN version =1.4 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.axis:axis and may be impacted: - cn.net.vidyo:dylink-vidyo-ws-sdk =2.1.0.16.RELEASE, =1.2.1, =1.0.0, =1.4-build003, =0.9.1, =0.0.3.M1, =0.0.3.M1,...

9.8CVSS7.1AI score0.01931EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2023/09/05 2:42 p.m.45 views

CVE-2023-40743 Apache Axis 1.x (EOL) may allow RCE when untrusted input is passed to getService

UNSUPPORTED WHEN ASSIGNED When integrating Apache Axis 1.x in an application, it may not have been obvious that looking up a service through "ServiceFactory.getService" allows potentially dangerous lookup mechanisms such as LDAP. When passing untrusted input to this API method, this could expose...

9.4AI score0.01931EPSS
Exploits0References3
Rows per page
Query Builder