
29 matches found

Tenable Nessus
added 2026/05/22 12:0 a.m. · 8 views

Unity Linux 20.1070e Security Update: wildfly-security-manager (UTSA-2026-016746)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016746 advisory. Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a...

CVSS 8.5 · AI score 7.7 · EPSS 0.97906
Exploits 9 · References 4
RedhatCVE
added 2026/01/14 1:22 a.m. · 7 views

CVE-2026-0500

Due to the usage of vulnerable third party component in SAP Wily Introscope Enterprise Manager WorkStation, an unauthenticated attacker could create a malicious JNLP (Java Network Launch Protocol) file accessible by a public facing URL. When a victim clicks on the URL the accessed Wily Introscope...

CVSS 9.6 · AI score 7.1 · EPSS 0.00351
Exploits 0 · References 1
Redos
added 2025/07/31 12:0 a.m. · 6 views

ROS-20250731-03

A vulnerability in the Java Protocol Buffers protobuf-java runtime library is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 8.7 · AI score 7.4 · EPSS 0.0279
Exploits 0
BDU FSTEC
added 2024/09/27 12:0 a.m. · 3 views

The vulnerability of the Java Protocol Buffers protobuf-java environment library, related to insufficient validation of input data, allows attackers to trigger service failures.

The vulnerability of the Java Protocol Buffers protobuf-java environment library is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures remotely...

CVSS 7.8 · AI score 6.8 · EPSS 0.0279
Exploits 0 · References 8 · Affected Software 7
Positive Technologies
added 2022/11/11 12:0 a.m. · 2 views

PT-2022-6841 · Google +1 · Protobuf-Java +1

Name of the Vulnerable Software and Affected Versions: protobuf-java versions prior to 3.21.7; protobuf-java versions prior to 3.20.3; protobuf-java versions prior to 3.19.6; protobuf-java versions prior to 3.16.3
Description: The issue is related to insufficient input validation in the Java Protoco...

CVSS 7.8 · AI score 7.6 · EPSS 0.00512
Exploits 0 · References 17
Prion
added 2022/10/26 4:15 p.m. · 27 views

Remote code execution

Apache Flume versions 1.4.0 through 1.10.1 are vulnerable to a remote code execution (RCE) attack when a configuration uses a JMS Source with an unsafe providerURL. This issue is fixed by limiting JNDI to allow only the use of the java protocol or no protocol...

CVSS 7.5 · AI score 9.5 · EPSS 0.02719
Exploits 0 · References 3 · Affected Software 1
BDU FSTEC
added 2022/10/21 12:0 a.m. · 5 views

The vulnerability of the Java Protocol Buffers protobuf-java environment library, related to insufficient validation of input data, allows attackers to trigger service failures.

The vulnerability of the Java Protocol Buffers protobuf-java environment library is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures remotely...

CVSS 7.8 · AI score 6.4 · EPSS 0.01048
Exploits 0 · References 6 · Affected Software 5
RedhatCVE
added 2022/09/13 11:14 a.m. · 34 views

CVE-2022-34916

Apache Flume versions 1.4.0 through 1.10.0 are vulnerable to a remote code execution (RCE) attack when a configuration uses a JMS Source with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI to allow only the use of the java...

CVSS 8.1 · AI score 5.6 · EPSS 0.0231
Exploits 0 · References 3
Positive Technologies
added 2022/08/31 12:0 a.m. · 4 views

PT-2022-13793 · Red Hat · Jboss Eap 7

Name of the Vulnerable Software and Affected Versions: Undertow affected versions not specified JBoss EAP 7
Description: A flaw was found in Undertow, where for an AJP 400 response, JBoss EAP 7 improperly sends two response packets with the reuse flag set, even though the connection is closed. Th...

CVSS 7.5 · AI score 6.7 · EPSS 0.01212
Exploits 0 · References 13
Github Security Blog
added 2022/08/22 12:0 a.m. · 44 views

Remote code execution in Apache Flume

Apache Flume versions 1.4.0 through 1.10.0 are vulnerable to a remote code execution (RCE) attack when a configuration uses a JMS Source with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI to allow only the use of the java...

CVSS 9.8 · AI score 9.2 · EPSS 0.0231
Exploits 0 · References 5 · Affected Software 1
Prion
added 2022/08/21 9:15 a.m. · 25 views

Remote code execution

Apache Flume versions 1.4.0 through 1.10.0 are vulnerable to a remote code execution (RCE) attack when a configuration uses a JMS Source with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI to allow only the use of the java...

CVSS 7.5 · AI score 9.5 · EPSS 0.0231
Exploits 0 · References 2 · Affected Software 1
Github Security Blog
added 2022/06/15 12:0 a.m. · 34 views

Remote Code Execution in Apache Flume

Apache Flume versions 1.4.0 through 1.9.0 are vulnerable to a remote code execution (RCE) attack when a configuration uses a JMS Source with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI to allow only the use of the java...

CVSS 9.8 · AI score 5.5 · EPSS 0.04627
Exploits 0 · References 6 · Affected Software 1
ATTACKERKB
added 2022/06/14 8:15 a.m. · 4 views

CVE-2022-25167

Apache Flume versions 1.4.0 through 1.9.0 are vulnerable to a remote code execution (RCE) attack when a configuration uses a JMS Source with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI to allow only the use of the java...

CVSS 9.8 · AI score 7.8 · EPSS 0.04627
Exploits 0 · References 4
NVD
added 2022/06/14 8:15 a.m. · 19 views

CVE-2022-25167

Apache Flume versions 1.4.0 through 1.9.0 are vulnerable to a remote code execution (RCE) attack when a configuration uses a JMS Source with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI to allow only the use of the java...

CVSS 9.8 · EPSS 0.04627
Exploits 0 · References 3
RedHat Linux
added 2022/04/11 12:59 p.m. · 2 views

log4j-core: remote code execution via JDBC Appender

Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a dat...

CVSS 8.5 · AI score 7.5 · EPSS 0.97906
Exploits 9 · References 5
RedHat Linux
added 2022/01/20 6:55 p.m. · 1 views

log4j-core: remote code execution via JDBC Appender

Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a dat...

CVSS 8.5 · AI score 7.5 · EPSS 0.97906
Exploits 9 · References 5
RedHat Linux
added 2022/01/20 6:54 p.m. · 0 views

log4j-core: remote code execution via JDBC Appender

Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a dat...

CVSS 8.5 · AI score 7.5 · EPSS 0.97906
Exploits 9 · References 5
RedHat Linux
added 2022/01/20 4:0 p.m. · 3 views

log4j-core: remote code execution via JDBC Appender

Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a dat...

CVSS 8.5 · AI score 7.5 · EPSS 0.97906
Exploits 9 · References 5
RedHat Linux
added 2022/01/20 12:12 p.m. · 2 views

log4j-core: remote code execution via JDBC Appender

Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a dat...

CVSS 8.5 · AI score 7.5 · EPSS 0.97906
Exploits 9 · References 5
RedHat Linux
added 2022/01/20 9:26 a.m. · 3 views

log4j-core: remote code execution via JDBC Appender

Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a dat...

CVSS 8.5 · AI score 7.5 · EPSS 0.97906
Exploits 9 · References 5