Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

48 matches found

OSV
OSVadded 2019/05/29 6:15 p.m.0 views

GHSA-H896-MX9X-G32G XML External Entity injection in Apache Camel

Apache Camel prior to 2.24.0 contains an XML external entity injection XXE vulnerability CWE-611 due to using an outdated vulnerable JSON-lib library. This affects only the camel-xmljson component, which was removed...

7.5CVSS7.1AI score0.00961EPSS
Exploits0References18
OSV
OSVadded 2019/05/28 7:29 p.m.30 views

CVE-2019-0188

Apache Camel prior to 2.24.0 contains an XML external entity injection XXE vulnerability CWE-611 due to using an outdated vulnerable JSON-lib library. This affects only the camel-xmljson component, which was removed...

7.5CVSS7.6AI score0.00961EPSS
Exploits0References16
Japan Vulnerability Notes
Japan Vulnerability Notesadded 2019/05/22 12:0 a.m.163 views

JVN#71498764: Apache Camel vulnerable to XML external entity injection (XXE)

Apache Camel provided by The Apache Software Foundation contains an XML external entity injection XXE vulnerability CWE-611 due to using an outdated vulnerable JSON-lib library. Impact By processing a specially crafted request, an arbitrary file on the server may be read. Solution Update the...

7.5CVSS7.6AI score0.00961EPSS
Exploits0
wpexploit
wpexploitadded 2018/04/23 12:0 a.m.7 views

Outdated VRView Library Used, Leading to Reflected XSS

The vrview = 1.1.3 and wp-vr-view = 1.6 plugins are using an outdated version of the VRView library 2.0.2, which is affected by a reflected cross-site scripting issue. The PoC will be displayed once the issue has been remediated...

1.4AI score
Exploits0References1
CNVD
CNVDadded 2017/12/02 12:0 a.m.2 views

Apache Struts2 S2-054 Denial of Service Vulnerability

Struts2 is Apache Software Foundation is responsible for maintaining a MVC-based design pattern of the Web application framework for open source projects. Apache Struts2 suffers from a S2-054 denial of service vulnerability. Because the Apache Struts REST plugin uses an outdated JSON-lib library ...

6.2CVSS6.9AI score0.01534EPSS
Exploits2References1
NVD
NVDadded 2017/12/01 4:29 p.m.16 views

CVE-2017-15707

In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload...

6.2CVSS6.2AI score0.01534EPSS
Exploits2References6
UbuntuCve
UbuntuCveadded 2017/12/01 4:29 p.m.21 views

CVE-2017-15707

In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload...

6.2CVSS6.8AI score0.01534EPSS
Exploits2References2
UbuntuCve
UbuntuCveadded 2017/09/20 5:29 p.m.31 views

CVE-2017-9793

The REST Plugin in Apache Struts 2.1.x, 2.3.7 through 2.3.33 and 2.5 through 2.5.12 is using an outdated XStream library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted XML payload...

7.5CVSS7.2AI score0.07937EPSS
Exploits22References2
Rows per page
Query Builder