CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ACE vulnerability in conditional configuration file processing by QOS.CH logback-core up to and including version 1.5.18 in Java applications, allows an attacker to execute arbitrary code by compromising an existing logback configuration file or by injecting an environment variable before program...

5.3CVSS9.3AI score0.00062EPSS

Exploits0References4

NVD•added 2025/10/01 8:15 a.m.•4 views

CVE-2025-11226

5.9CVSS0.00062EPSS

Exploits0References2

Gitee•added 2025/09/14 6:28 p.m.•87 views

Exploit for CVE-2021-22006

It is an exploit module/toolkit targeting JNDI vulnerabilities. The primary CVE ID is CVE-2021-22006. The target product/service is Java-based applications, specifically those using JNDI services. The vulnerability class/vector is RCE Remote Code Execution, and the probable entry points are...

7.5CVSS7AI score0.57307EPSS

Exploits2

Packet Storm News•added 2025/08/26 12:0 a.m.•3 views

SIExVulTS: Sensitive Information Exposure Vulnerability Detection System Using Transformer Models and Static Analysis

Sensitive Information Exposure SIEx vulnerabilities CWE-200 remain a persistent and under-addressed threat across software systems, often leading to serious security breaches. Existing detection tools rarely target the diverse subcategories of CWE-200 or provide context-aware analysis of code-lev...

6.9AI score

Exploits0

Tenable Nessus•added 2025/08/19 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2024-21217

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported...

3.7CVSS6.3AI score0.00096EPSS

Exploits0References2

RedHat Linux•added 2025/07/30 3:55 p.m.•6 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 6.1.1 release and security update

Red Hat JBoss Web Server 6.1.1 zip release is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 10, and Windows Server. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CV...

7.5CVSS7AI score0.01278EPSS

Exploits1References6

IBM Security Bulletins•added 2025/07/23 10:40 a.m.•3 views

Security Bulletin: Arbitrary Code Execution via JaninoEventEvaluator in Logback-Core through Malicious Configuration Files or Environment Variables

Summary ACE vulnerability in JaninoEventEvaluator by QOS.CH logback-core upto including version 0.1 to 1.3.14 and 1.4.0 to 1.5.12 in Java applications allows attacker to execute arbitrary code by compromising an existing logback configuration file or by injecting an environment variable before...

5.9CVSS7.1AI score0.00169EPSS

Exploits0Affected Software1

RedHat Linux•added 2025/07/21 5:7 p.m.•4 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4 security update

A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.7CVSS6.9AI score0.00252EPSS

Exploits0References4

RedHat Linux•added 2025/07/21 4:58 p.m.•4 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.23 security update

8.7CVSS6.9AI score0.00252EPSS

Exploits0References4

RedHat Linux•added 2025/07/14 4:21 p.m.•8 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.23 Security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.8CVSS7.2AI score0.01938EPSS

Exploits11References21

RedHat Linux•added 2025/07/14 3:56 p.m.•14 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.23 Security update

A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability scoring System CVSS base score, which gives a detailed severity...

8.8CVSS7.2AI score0.01938EPSS

Exploits11References22

RedHat Linux•added 2025/07/14 3:55 p.m.•7 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.23 Security update

A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability scoring System CVSS base score, which gives a detailed severity...

8.8CVSS7.2AI score0.01938EPSS

Exploits11References22

Tenable Nessus•added 2025/07/14 12:0 a.m.•4 views

RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.4.23 Security update (Important) (RHSA-2025:10924)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10924 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release ...

8.8CVSS6.9AI score0.01938EPSS

Exploits11References28

RedHat Linux•added 2025/07/07 1:32 p.m.•5 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.8 Security update

A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

8.8CVSS6.8AI score0.01938EPSS

Exploits1References25

RedHat Linux•added 2025/07/07 1:27 p.m.•9 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.8 Security update

A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability scoring System CVSS base score, which gives a detailed severity...

8.8CVSS6.8AI score0.01938EPSS

Exploits1References25

Tenable Nessus•added 2025/06/16 12:0 a.m.•3 views

RHEL 7 / 8 / 9 : Red Hat JBoss Enterprise Application Platform 7.4.22 (RHSA-2025:9115)

The remote Redhat Enterprise Linux 7 / 8 / 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:9115 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This asynchrono...

8.8CVSS6.5AI score0.00258EPSS

Exploits1References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by