CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

161 matches found

OSV•added 2022/11/21 10:15 a.m.•1 views

UBUNTU-CVE-2022-45146

An issue was discovered in the FIPS Java API of Bouncy Castle BC-FJA before 1.0.2.4. Changes to the JVM garbage collector in Java 13 and later trigger an issue in the BC-FJA FIPS modules where it is possible for temporary keys used by the module to be zeroed out while still in use by the module,...

5.5CVSS7.1AI score0.00434EPSS

Exploits1References4

UbuntuCve•added 2022/11/21 12:0 a.m.•37 views

CVE-2022-45146

5.5CVSS6.7AI score0.00434EPSS

Exploits1References3

Cvelist•added 2022/11/21 12:0 a.m.•17 views

CVE-2022-45146

5.9AI score0.00434EPSS

Exploits1References3

CVE•added 2022/11/21 12:0 a.m.•434 views

CVE-2022-45146

CVE-2022-45146 affects the FIPS Java API in BC-FJA (Bouncy Castle) before 1.0.2.4. Changes to the JVM garbage collector in Java 13+ can cause temporary keys used by BC-FJA FIPS modules to be zeroed while still in use, leading to errors or potential information loss. Note: FIPS-certified Java vers...

5.5CVSS5.2AI score0.00434EPSS

Exploits1References3Affected Software1

Github Security Blog•added 2022/10/12 8:13 p.m.•18 views

com.enonic.xp:lib-auth vulnerable to Session Fixation

Impact All id-providers using lib-auth login method. Patches https://github.com/enonic/xp/commit/0189975691e9e6407a9fee87006f730e84f734ff https://github.com/enonic/xp/commit/2abac31cec8679074debc4f1fb69c25930e40842 https://github.com/enonic/xp/commit/1f44674eb9ab3fbab7103e8d08067846e88bace4...

9.8CVSS7.1AI score0.00836EPSS

Exploits0References8Affected Software1

OSV•added 2022/10/12 8:13 p.m.•15 views

GHSA-4M5P-5W5W-3JCF com.enonic.xp:lib-auth vulnerable to Session Fixation

9.8CVSS9.5AI score0.00836EPSS

Exploits0References8

Positive Technologies•added 2022/10/12 12:0 a.m.•4 views

PT-2022-28162 · Enonic · Enonic Xp

Name of the Vulnerable Software and Affected Versions: Enonic XP versions less than 7.7.4 Description: The issue is a session fixation problem that allows a remote and unauthenticated attacker to use prior sessions due to the lack of invalidating session attributes. This affects all id-providers...

9.8CVSS9.3AI score0.00836EPSS

Exploits0References14

IBM Security Bulletins•added 2022/09/26 10:21 p.m.•23 views

Security Bulletin: InfoSphere MashupHub Java API Documentation Frame Injection Vulnerability (CVE-2013-1571)

Abstract Java API Documentation contains a frame injection vulnerability. InfoSphere MashupHub ships javadoc files in it's install tree. If these files are made accessible from the internet this vulnerability could be exploited. Content VULNERABILITY DETAILS: CVEID: CVE-2013-1571 DESCRIPTION: HTM...

4.3CVSS7.6AI score0.66817EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2022/09/26 3:31 a.m.•44 views

Security Bulletin: IBM InfoSphere Streams Java API Documentation Frame Injection Vulnerability (CVE-2013-1571)

Abstract Java API Documentation contains a frame injection vulnerability. InfoSphere Streams ships javadoc files in it's install tree. If these files are made accessible from the internet this vulnerability could be exploited. Content VULNERABILITY DETAILS: CVEID: CVE-2013-1571 DESCRIPTION: HTML...

4.3CVSS7.6AI score0.66817EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2022/09/26 3:31 a.m.•21 views

Security Bulletin: InfoSphere Guardium Data Redaction Java API Documentation Frame Injection Vulnerability (CVE-2013-1571)

Abstract Java API Documentation contains a frame injection vulnerability. Content VULNERABILITY DETAILS: CVEID: CVE-2013-1571 DESCRIPTION: HTML documentation generated by the Javadoc tool contains a security vulnerability. The vulnerability allows an attacker to craft a malicious link to the...

4.3CVSS7.5AI score0.66817EPSS

Exploits1

IBM Security Bulletins•added 2022/09/26 3:31 a.m.•19 views

Security Bulletin: IBM Sterling Order Management - Java API Documentation Frame Injection Vulnerability (CVE-2013-1571)

Abstract Java API Documentation contains a frame injection vulnerability. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-1571 DESCRIPTION: HTML documentation generated by the Javadoc tool contains a security vulnerability. The vulnerability allows an attacker to craft a malicious link to the...

4.3CVSS7.4AI score0.66817EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2022/09/26 3:29 a.m.•40 views

Security Bulletin: Maximo Asset Management Java API Documentation Frame Injection Vulnerability

4.3CVSS7.5AI score0.66817EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2022/09/26 3:29 a.m.•34 views

Security Bulletin: TADDM Java API Documentation Frame Injection Vulnerability (CVE-2013-1571)

4.3CVSS7.4AI score0.66817EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2022/09/26 3:29 a.m.•22 views

Security Bulletin: Java API Documentation Frame Injection Vulnerability (CVE-2013-1571)

Abstract Java API Documentation shipped in IBM Tivoli Storage Manager TSM 6.1, 6.2, and 6.3 Windows client packages contains a frame injection vulnerability Content VULNERABILITY DETAILS: The TSM 6.1 Windows client packages and some TSM 6.2 and 6.3 Windows client packages contain documentation...

4.3CVSS7.2AI score0.66817EPSS

Exploits1Affected Software3

IBM Security Bulletins•added 2022/09/25 11:13 p.m.•30 views

Security Bulletin: IBM InfoSphere Master Data Management Java API Documentation Frame Injection Vulnerability (CVE-2013-1571)

Abstract API Documentation contains a frame injection vulnerability Content VULNERABILITY DETAILS: CVEID: CVE-2013-1571 DESCRIPTION: HTML documentation generated by the Javadoc tool contains a security vulnerability. The vulnerability allows an attacker to craft a malicious link to the...

4.3CVSS7.4AI score0.66817EPSS

Exploits1Affected Software2

IBM Security Bulletins•added 2022/09/25 11:13 p.m.•24 views

Security Bulletin: IBM InfoSphere Information Server Java API Documentation Frame Injection Vulnerability (CVE-2013-1571)

4.3CVSS7.4AI score0.66817EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2022/09/25 11:13 p.m.•23 views

Security Bulletin: IBM DB2 Java API Documentation Frame Injection Vulnerability (CVE-2013-1571)

4.3CVSS7.4AI score0.66817EPSS

Exploits1Affected Software2

IBM Security Bulletins•added 2022/09/25 11:13 p.m.•44 views

Security Bulletin: Informix JDBC Java API Documentation Frame Injection Vulnerability (CVE-2013-1571)

Abstract Java API Documentation contains a frame injection vulnerability. Content CVEID: CVE-2013-1571 DESCRIPTION: HTML documentation generated by the Javadoc tool contains a security vulnerability. The vulnerability allows an attacker to craft a malicious link to the documentation which injects...

4.3CVSS7.6AI score0.66817EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2022/09/25 11:13 p.m.•64 views

Security Bulletin: IBM Sterling Control Center Java API Documentation Frame Injection Vulnerability (CVE-2013-1571)

4.3CVSS7.6AI score0.66817EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2022/09/25 11:13 p.m.•35 views

Security Bulletin: SPSS Modeler Java API Documentation Frame Injection Vulnerability (CVE-2013-1571)

Abstract Java API Documentation contains a frame injection vulnerability Content VULNERABILITY DETAILS: CVEID: CVE-2013-1571 DESCRIPTION: HTML documentation generated by the Javadoc tool contains a security vulnerability. The vulnerability allows an attacker to craft a malicious link to the...

4.3CVSS7.6AI score0.66817EPSS

Exploits1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by