CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

27 matches found

SUSE CVE•added 2023/02/15 5:32 a.m.•2 views

SUSE CVE-2014-0452

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0458 and CVE-2014-2423...

7.5CVSS6.6AI score0.03851EPSS

Exploits0References13

OSV•added 2022/01/19 5:15 p.m.•4 views

CVE-2022-22310

IBM WebSphere Application Server Liberty 21.0.0.10 through 21.0.0.12 could provide weaker than expected security. A remote attacker could exploit this weakness to obtain sensitive information and gain unauthorized access to JAX-WS applications. IBM X-Force ID: 217224...

6.5CVSS7.2AI score0.00242EPSS

Exploits0References2

CNNVD•added 2022/01/18 12:0 a.m.•1 views

IBM WebSphere Application Server Liberty 加密问题漏洞

IBM WebSphere Application Server Liberty is a U.S. IBM company built on the Open Liberty project on top of the Java application server . A security vulnerability exists in IBM WebSphere Application Server Liberty that can be exploited by an attacker to bypass access restrictions to WebSphere AS...

6.5CVSS5.7AI score0.00242EPSS

Exploits0References7

Snyk•added 2021/05/28 12:51 p.m.•3 views

Cross-site Scripting (XSS)

Overview org.jboss.resteasy:resteasy-jaxrs is a JCP specification that provides a Java API for RESTful Web Services over the HTTP protocol. Affected versions of this package are vulnerable to Cross-site Scripting XSS. It did not properly handle URL encoding when the RESTEASY003870 exception occur...

7.1CVSS5.4AI score0.00344EPSS

Exploits1References2

RedHat Linux•added 2017/11/28 8:43 p.m.•4 views

OpenJDK: unbounded memory allocation in JAXWSExceptionBase deserialization (JAX-WS, 8181100)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JAX-WS. Supported versions that are affected are Java SE: 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protoco...

5.3CVSS7.4AI score0.00602EPSS

Exploits0References4

CNVD•added 2017/11/16 12:0 a.m.•1 views

Apache CXF Denial of Service Vulnerability (CNVD-2017-34229)

Apache CXF is the United States Apache Apache Software Foundation of an open source Web services framework. The framework supports a variety of Web services standards , a variety of front-end programming APIs. Apache CXF versions prior to 3.2.1 and 3.1.14 prior to the JAX-WS and JAX-RS services i...

5.5CVSS6.7AI score0.03566EPSS

Exploits3References1

RedHat Linux•added 2017/10/23 7:44 a.m.•4 views

OpenJDK: unbounded memory allocation in JAXWSExceptionBase deserialization (JAX-WS, 8181100)

5.3CVSS7.4AI score0.00602EPSS

Exploits0References4

RedHat Linux•added 2017/07/20 3:58 p.m.•1 views

OpenJDK: insecure XML parsing in wsdlimport (JAX-WS, 8182054)

It was discovered that the wsdlimport tool in the JAX-WS component of OpenJDK did not use secure XML parser settings when parsing WSDL XML documents. A specially crafted WSDL document could cause wsdlimport to use an excessive amount of CPU and memory, open connections to other hosts, or leak...

6.5CVSS7.3AI score0.00679EPSS

Exploits0References5

RedHat Linux•added 2015/02/24 1:44 p.m.•2 views