Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.42 views

EUVD-2022-2310

Malicious code in bioql PyPI...

6.4CVSS6.2AI score0.114EPSS
Exploits0References13
Github Security Blog
Github Security Blog
added 2022/05/17 4:39 a.m.33 views

XML Injection in Apache Solr

The DocumentAnalysisRequestHandler in Apache Solr before 4.3.1 does not properly use the EmptyEntityResolver, which allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Enti...

6.4CVSS6AI score0.114EPSS
Exploits0References8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:23 a.m.29 views

Security Bulletin: Multiple vulnerabilities in Apache Solr affect IBM Rational ClearQuest (CVE-2013-6407, CVE-2013-6408)

Summary The Apache Solr that is shipped with IBM Rational ClearQuest contains multiple security vulnerabilities. IBM Rational ClearQuest has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2013-6407 DESCRIPTION: Apache Solr could allow a remote authenticated attacker to obtain...

6.4CVSS0.4AI score0.114EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/02/13 12:0 a.m.36 views

Apache Solr < 5.0 Multiple XXE

Binary data 9943.prm...

7.5CVSS6.7AI score0.114EPSS
Exploits0References4
Debian
Debian
added 2014/06/17 7:32 p.m.49 views

[SECURITY] [DSA 2963-1] lucene-solr security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2963-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 17, 2014 http://www.debian.org/security/faq -...

6.4CVSS6.5AI score0.56255EPSS
Exploits1
OpenVAS
OpenVAS
added 2014/06/16 12:0 a.m.34 views

Debian: Security Advisory (DSA-2963-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.56255EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2014/01/15 5:45 p.m.65 views

Important: Red Hat Security Advisory: Red Hat JBoss Data Grid 6.2.0 update

Red Hat JBoss Data Grid 6.2.0, which fixes multiple security issues, various bugs, and adds enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base...

7.5CVSS6.2AI score0.56255EPSS
Exploits2References10
RedHat Linux
RedHat Linux
added 2014/01/15 5:45 p.m.6 views

Solr: XML eXternal Entity (XXE) flaw in DocumentAnalysisRequestHandler

The DocumentAnalysisRequestHandler in Apache Solr before 4.3.1 does not properly use the EmptyEntityResolver, which allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Enti...

6.4CVSS5.8AI score0.114EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2014/01/07 12:0 a.m.44 views

Apache Solr < 4.1.0 Multiple XML External Entity Injections

The version of Apache Solr running on the remote web server is affected by multiple XML external entity injection vulnerabilities because the XML parser accepts XML data containing external entity declarations from untrusted sources. A remote, unauthenticated attacker can exploit this flaw to gai...

7.5CVSS5.8AI score0.114EPSS
Exploits0References4
Prion
Prion
added 2013/12/07 9:55 p.m.28 views

Xxe

The 1 UpdateRequestHandler for XSLT or 2 XPathEntityProcessor in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue, different...

7.5CVSS7.2AI score0.114EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2013/12/07 8:55 p.m.8 views

CVE-2013-6407

The UpdateRequestHandler for XML in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue...

6.5AI score
Exploits0References7
CVE
CVE
added 2013/12/07 8:0 p.m.123 views

CVE-2013-6407

CVE-2013-6407 (Apache Solr; Lucene-Solr) : The UpdateRequestHandler for XML in Solr before 4.1 is vulnerable to XML External Entity (XXE). A crafted XML with an external entity declaration and an entity reference can cause information disclosure. Affected: Solr/Lucene-Solr prior to 4.1. Root caus...

6.4CVSS6.6AI score0.114EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder