Lucene search
K

4 matches found

CNNVD
CNNVD
added 2023/04/12 12:0 a.m.5 views

Adobe Substance 3D Stager 缓冲区错误漏洞

Adobe Substance 3D Stager is a virtual 3D studio from the American company Audobee Adobe. A heap buffer overflow vulnerability exists in Adobe Substance 3D Stager in versions 2.0.1 and earlier. The vulnerability stems from a failure to perform security checksums on parameters in a user's context,...

7.8CVSS7.2AI score0.00412EPSS
Exploits0References2
CNVD
CNVD
added 2018/06/13 12:0 a.m.4 views

Schneider Electric U.motion Builder Information Disclosure Vulnerability (CNVD-2018-11390)

U.motion Builder is a builder product from Schneider Electric France. An information disclosure vulnerability exists in the Schneider Electric U.motion Builder that stems from improperly filtered validation of context parameter inputs in HTTP GET requests, which can be exploited by an attacker to...

5.3CVSS6.2AI score0.01102EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2015/05/14 3:14 p.m.8 views

JAX-RS: Information disclosure via XML eXternal Entity (XXE)

It was found that the default context parameters as provided to RESTEasy deployments by JBoss EAP did not explicitly disable external entity expansion for RESTEasy. A remote attacker could use this flaw to perform XML External Entity XXE attacks on RESTEasy applications accepting XML input...

5CVSS5.8AI score0.03031EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2014/06/26 3:16 p.m.12 views

JAX-RS: Information disclosure via XML eXternal Entity (XXE)

It was found that the default context parameters as provided to RESTEasy deployments by JBoss EAP did not explicitly disable external entity expansion for RESTEasy. A remote attacker could use this flaw to perform XML External Entity XXE attacks on RESTEasy applications accepting XML input...

5CVSS5.8AI score0.03031EPSS
Exploits0References4
Rows per page
Query Builder