
19 matches found

EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2022-4792

Malicious code in bioql PyPI...

CVSS 9.8, AI score 7.8, EPSS 0.0023
Exploits: 0, References: 3

EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2022-34719

Malicious code in bioql PyPI...

CVSS 8.2, AI score 8.4, EPSS 0.00486
Exploits: 0, References: 2

RedHat Linux
added 2022/10/05 10:44 a.m., 0 views

Business-central: Possible XML External Entity Injection attack

An XML external entity injection (XXE) vulnerability was found in Business Central. This flaw allows an attacker to interfere with an application's processing of XML data. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. T...

CVSS 8.2, AI score 5.7, EPSS 0.00486
Exploits: 0, References: 4

OSV
added 2022/08/10 8:15 p.m., 1 views

CVE-2022-2458

XML external entity injection (XXE) is a vulnerability that allows an attacker to interfere with an application's processing of XML data. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. The software processes an XML...

CVSS 8.2, AI score 5.8, EPSS 0.00486
Exploits: 0, References: 1

ATTACKERKB
added 2022/08/10 8:15 p.m., 0 views

CVE-2022-2458

XML external entity injection (XXE) is a vulnerability that allows an attacker to interfere with an application's processing of XML data. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. The software processes an XML...

CVSS 8.2, AI score 5.9, EPSS 0.00486
Exploits: 0, References: 2

NVD
added 2022/08/10 8:15 p.m., 11 views

CVE-2022-2458

XML external entity injection (XXE) is a vulnerability that allows an attacker to interfere with an application's processing of XML data. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. The software processes an XML...

CVSS 8.2, EPSS 0.00486
Exploits: 0, References: 1

Prion
added 2022/08/10 8:15 p.m., 9 views

Xxe

XML external entity injection (XXE) is a vulnerability that allows an attacker to interfere with an application's processing of XML data. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. The software processes an XML...

CVSS 6.4, AI score 8.7, EPSS 0.00486
Exploits: 0, References: 1, Affected Software: 1

CVE
added 2022/08/09 8:15 p.m., 2249 views

CVE-2022-2458

CVE-2022-2458 is an XML External Entity (XXE) vulnerability affecting IBM Business Automation Manager/Open Editions (Business Central) and Kie-Server APIs. The weakness arises from processing XML input with external entities due to a weakly configured XML parser, enabling an attacker to cause Ext...

CVSS 8.2, AI score 8.1, EPSS 0.00486
Exploits: 0, References: 1, Affected Software: 1

Cvelist
added 2022/08/09 8:15 p.m., 10 views

CVE-2022-2458

XML external entity injection (XXE) is a vulnerability that allows an attacker to interfere with an application's processing of XML data. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. The software processes an XML...

AI score 8.4, EPSS 0.00486
Exploits: 0, References: 1

RedhatCVE
added 2022/07/18 8:43 a.m., 26 views

CVE-2022-2458

An XML external entity injection (XXE) vulnerability was found in Business Central. This flaw allows an attacker to interfere with an application's processing of XML data. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. T...

CVSS 8.2, AI score 2.8, EPSS 0.00486
Exploits: 0, References: 3

Github Security Blog
added 2022/05/24 4:45 p.m., 17 views

Password in config file in KIE server

It has been reported that KIE server and Business Central before version 7.21.0.Final contain username and password as plaintext Java properties. Any app deployed on the same server would have access to these properties, thus granting access to other services...

CVSS 9.8, AI score 2.9, EPSS 0.0023
Exploits: 0, References: 4, Affected Software: 1

OSV
added 2022/05/24 4:45 p.m., 13 views

GHSA-PJW3-C74J-M9FJ Password in config file in KIE server

It has been reported that KIE server and Business Central before version 7.21.0.Final contain username and password as plaintext Java properties. Any app deployed on the same server would have access to these properties, thus granting access to other services...

CVSS 9.8, AI score 9.6, EPSS 0.0023
Exploits: 0, References: 3

vulnersOsv
added 2022/05/24 4:45 p.m., 1 views

org.apache.camel:camel-jbpm (>=2.23.0 <=3.0.0-M2), org.apache.camel:camel-jbpm-starter (>=2.23.0 <=3.0.0-M2) +113 more potentially affected by CVE-2016-7043 via org.kie.server:kie-server-common (>=7.0.0.Beta3 <=7.20.0.Final)

org.kie.server:kie-server-common MAVEN version =7.0.0.Beta3, =2.23.0, =2.23.0, =7.14.0.Final, =7.16.0.Final, =7.10.0.Final, =7.10.0.Final, =7.0.0.Beta3, =7.0.0.Beta3, =7.0.0.Beta3, =7.0.0.Beta3, =7.0.0.Beta3, =7.0.0.Beta3, =7.0.0.Beta5 and more Source cves: CVE-2016-7043 Source advisory:...

CVSS 9.8, AI score 6.8, EPSS 0.0023
Exploits: 0

NVD
added 2019/05/15 4:29 p.m., 7 views

CVE-2016-7043

It has been reported that KIE server and Business Central before version 7.21.0.Final contain username and password as plaintext Java properties. Any app deployed on the same server would have access to these properties, thus granting access to other services...

CVSS 9.8, AI score 6.8, EPSS 0.0023
Exploits: 0, References: 2

OSV
added 2019/05/15 4:29 p.m., 13 views

CVE-2016-7043

It has been reported that KIE server and Business Central before version 7.21.0.Final contain username and password as plaintext Java properties. Any app deployed on the same server would have access to these properties, thus granting access to other services...

CVSS 9.8, AI score 7, EPSS 0.0023
Exploits: 0, References: 2

Cvelist
added 2019/05/15 3:46 p.m., 11 views

CVE-2016-7043

It has been reported that KIE server and Business Central before version 7.21.0.Final contain username and password as plaintext Java properties. Any app deployed on the same server would have access to these properties, thus granting access to other services...

CVSS 5.9, AI score 9.6, EPSS 0.0023
Exploits: 0, References: 2

CVE
added 2019/05/15 3:46 p.m., 73 views

CVE-2016-7043

CVE-2016-7043 affects KIE server and Business Central prior to 7.21.0.Final, where username and password are stored as plaintext Java properties accessible to any app deployed on the same server. This represents a local access risk to services due to insecure credential storage. The vulnerability...

CVSS 9.8, AI score 9.5, EPSS 0.0023
Exploits: 0, References: 2, Affected Software: 1

Positive Technologies
added 2019/05/15 12:0 a.m., 3 views

PT-2019-7839 · Red Hat · Business Central +1

Name of the Vulnerable Software and Affected Versions: KIE server and Business Central versions prior to 7.21.0.Final Description: A security issue has been reported where username and password are stored as plaintext Java properties. This allows any application deployed on the same server to...

CVSS 9.8, AI score 7.4, EPSS 0.0023
Exploits: 0, References: 5

RedhatCVE
added 2019/05/14 9:21 p.m., 19 views

CVE-2016-7043

It has been reported that KIE server and Business Central before version 7.21.0.Final contain username and password as plaintext Java properties. Any app deployed on the same server would have access to these properties, thus granting access to other services...

CVSS 9.8, AI score 3.3, EPSS 0.0023
Exploits: 0, References: 3