Lucene search
K

50 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-3184

Malicious code in bioql PyPI...

4.3CVSS6.3AI score0.02893EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-3299

Malicious code in bioql PyPI...

5CVSS7.4AI score0.03597EPSS
Exploits0References14
EUVD
EUVD
added 2025/10/03 8:7 p.m.14 views

EUVD-2022-2400

Malicious code in bioql PyPI...

5CVSS7.4AI score0.03832EPSS
Exploits0References12
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-3840

Malicious code in bioql PyPI...

7.5CVSS6.3AI score0.03978EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2023/02/15 6:10 a.m.3 views

SUSE CVE-2007-5615

CRLF injection vulnerability in Mortbay Jetty before 6.1.6rc0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...

5CVSS7.6AI score0.03597EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/05/01 6:45 p.m.33 views

Mortbay Jetty Double Slash URI Information Disclosure Vulnerability

Mortbay Jetty 6.1.5 and 6.1.6 allows remote attackers to bypass protection mechanisms and read the source of files via multiple / slash characters in the URI...

5CVSS6.9AI score0.03832EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/01 6:35 p.m.26 views

Improper Authentication in Mortbay Jetty

Mortbay Jetty before 6.1.6rc1 does not properly handle "certain quote sequences" in HTML cookie parameters, which allows remote attackers to hijack browser sessions via unspecified vectors...

7.5CVSS6.1AI score0.03978EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2022/05/01 6:35 p.m.20 views

GHSA-966R-962G-2JQ5 Mortbay Jetty CRLF Injection Vulnerability

CRLF injection vulnerability in Mortbay Jetty before 6.1.6rc0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...

5CVSS7.3AI score0.03597EPSS
Exploits0References8
OSV
OSV
added 2022/05/01 6:35 p.m.4 views

GHSA-FVH3-4V5R-CVVC Improper Authentication in Mortbay Jetty

Mortbay Jetty before 6.1.6rc1 does not properly handle "certain quote sequences" in HTML cookie parameters, which allows remote attackers to hijack browser sessions via unspecified vectors...

7.3CVSS5.9AI score0.03978EPSS
Exploits0References6
vulnersOsv
vulnersOsv
added 2022/05/01 6:35 p.m.6 views

ai.catboost:catboost-spark_2.11 (>=0.25-rc1 <=0.25-rc3), ai.catboost:catboost-spark_2.12 (>=0.25-rc1 <=0.25-rc3) +4643 more potentially affected by CVE-2007-5613 via org.mortbay.jetty:jetty (>=6.0.0 <=6.1.5rc0)

org.mortbay.jetty:jetty MAVEN version =6.0.0, =0.25-rc1, =0.25-rc1, =0.25, =0.25, =0.25, =0.25, =0.6.0, =3.20.0.2, =3.20.0.2, =3.20.0.2, =3.20.0.2, =3.8.3.3, =3.42.0.4 and more Source cves: CVE-2007-5613 Source advisory: OSV:GHSA-8H77-9VH5-HW5G...

4.3CVSS5.4AI score0.02893EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2022/05/01 6:35 p.m.29 views

Mortbay Jetty vulnerable to Cross-site scripting

Cross-site scripting XSS vulnerability in Dump Servlet in Mortbay Jetty before 6.1.6rc1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters and cookies...

4.3CVSS4AI score0.02893EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2022/05/01 6:35 p.m.3 views

GHSA-8H77-9VH5-HW5G Mortbay Jetty vulnerable to Cross-site scripting

Cross-site scripting XSS vulnerability in Dump Servlet in Mortbay Jetty before 6.1.6rc1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters and cookies...

5.3CVSS6AI score0.02893EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2022/05/01 7:2 a.m.28 views

Improper Input Validation in Mortbay Jetty

jetty 6.0.x jetty6 beta16 allows remote attackers to read arbitrary script source code via a capital P in the .jsp extension, and probably other mixed case manipulations...

5CVSS6.7AI score0.0135EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2022/05/01 7:2 a.m.12 views

GHSA-MQ4X-8WHH-JX73 Improper Input Validation in Mortbay Jetty

jetty 6.0.x jetty6 beta16 allows remote attackers to read arbitrary script source code via a capital P in the .jsp extension, and probably other mixed case manipulations...

5.3CVSS6.6AI score0.0135EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2022/05/01 2:20 a.m.25 views

Mortbay Jetty Discloses JSP Source Code

Unspecified vulnerability in Jetty before 5.1.6 allows remote attackers to obtain source code of JSP pages, possibly involving requests for .jsp files with URL-encoded backslash %5C characters. NOTE: this might be the same issue as CVE-2006-2758...

5CVSS7.1AI score0.04386EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2022/05/01 2:20 a.m.16 views

GHSA-CWQ3-QP8V-W8Q3 Mortbay Jetty Discloses JSP Source Code

Unspecified vulnerability in Jetty before 5.1.6 allows remote attackers to obtain source code of JSP pages, possibly involving requests for .jsp files with URL-encoded backslash %5C characters. NOTE: this might be the same issue as CVE-2006-2758...

5CVSS6.4AI score0.04386EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2019/10/04 9:10 p.m.22 views

CVE-2007-5615

CRLF injection vulnerability in Mortbay Jetty before 6.1.6rc0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...

5CVSS7.2AI score0.03597EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2019/10/04 9:10 p.m.20 views

CVE-2007-5614

Mortbay Jetty before 6.1.6rc1 does not properly handle "certain quote sequences" in HTML cookie parameters, which allows remote attackers to hijack browser sessions via unspecified vectors...

7.5CVSS6.7AI score0.03978EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2019/10/04 9:10 p.m.25 views

CVE-2007-5613

Cross-site scripting XSS vulnerability in Dump Servlet in Mortbay Jetty before 6.1.6rc1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters and cookies...

4.3CVSS5.8AI score0.02893EPSS
Exploits0References3
Veracode
Veracode
added 2018/11/15 1:29 a.m.32 views

Session Hijacking

Mortbay Jetty is vulnerable to session hijacking. Certain quote sequences in the HTML cookie parameters are not properly handled and allows remote attackers to hijack browser sessions...

7.5CVSS6AI score0.03978EPSS
Exploits0References10Affected Software1
Rows per page
Query Builder