103 matches found
Oracle Siebel Server < 17.6 (April 2018 CPU)
The versions of Oracle Siebel CRM installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2018 CPU advisory. - Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM subcomponent: EAI Apache Tomcat. The supported version that is affected i...
CVE-2024-42367
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In versions on the 3.10 branch prior to version 3.10.2, static routes which contain files with compressed variants .gz or .br extension are vulnerable to path traversal outside the root directory if those variants are...
CVE-2024-30251 Denial of service when trying to parse malformed POST requests in aiohttp
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In affected versions an attacker can send a specially crafted POST multipart/form-data request. When the aiohttp server processes it, the server will enter an infinite loop and be unable to process any further request...
CVE-2023-31185
ROZCOM server framework - Misconfiguration may allow information disclosure via an unspecified request...
CVE-2023-31185 ROZCOM server framework
ROZCOM server framework - Misconfiguration may allow information disclosure via an unspecified request...
CVE-2023-31185 ROZCOM server framework
ROZCOM server framework - Misconfiguration may allow information disclosure via an unspecified request...
CVE-2023-31185
ROZCOM server framework - Misconfiguration may allow information disclosure via an unspecified request...
GHSA-Q5J9-F95W-F4PR TERASOLUNA Server Framework vulnerable to ClassLoader manipulation
TERASOLUNA Global Framework 1.0.0 Public review version and TERASOLUNA Server Framework for Java Rich 2.0.0.2 to 2.0.5.1 are vulnerable to ClassLoader manipulation due to using the old version of Spring Framework which contains the vulnerability. The vulnerability is caused by an improper input...
TERASOLUNA Server Framework vulnerable to ClassLoader manipulation
TERASOLUNA Global Framework 1.0.0 Public review version and TERASOLUNA Server Framework for Java Rich 2.0.0.2 to 2.0.5.1 are vulnerable to ClassLoader manipulation due to using the old version of Spring Framework which contains the vulnerability. The vulnerability is caused by an improper input...
CVE-2022-43484
TERASOLUNA Global Framework 1.0.0 Public review version and TERASOLUNA Server Framework for Java Rich 2.0.0.2 to 2.0.5.1 are vulnerable to a ClassLoader manipulation vulnerability due to using the old version of Spring Framework which contains the vulnerability.The vulnerability is caused by an...
Input validation
TERASOLUNA Global Framework 1.0.0 Public review version and TERASOLUNA Server Framework for Java Rich 2.0.0.2 to 2.0.5.1 are vulnerable to a ClassLoader manipulation vulnerability due to using the old version of Spring Framework which contains the vulnerability.The vulnerability is caused by an...
CVE-2022-43484
TERASOLUNA Global Framework 1.0.0 Public review version and TERASOLUNA Server Framework for Java Rich 2.0.0.2 to 2.0.5.1 are vulnerable to a ClassLoader manipulation vulnerability due to using the old version of Spring Framework which contains the vulnerability.The vulnerability is caused by an...
CVE-2022-43484
The CVE-2022-43484 issue affects TERASOLUNA Global Framework 1.0.0 and TERASOLUNA Server Framework for Java (Rich) 2.0.0.2–2.0.5.1, caused by improper input validation in the binding mechanism of Spring MVC due to an old Spring Framework version. By processing a specially crafted file, an attacke...
TERASOLUNA Global Framework and TERASOLUNA Server Framework for Java (Rich) vulnerable to ClassLoader manipulation
Overview The past versions of TERASOLUNA Global Framework and TERASOLUNA Server Framework for Java Rich are vulnerable to a ClassLoader manipulation vulnerability due to using the old version of Spring Framework which contains the vulnerability. According to the developer, this vulnerability is...
JVN#54728399: TERASOLUNA Global Framework and TERASOLUNA Server Framework for Java (Rich) vulnerable to ClassLoader manipulation
The past versions of TERASOLUNA Global Framework and TERASOLUNA Server Framework for Java Rich are vulnerable to a ClassLoader manipulation vulnerability due to using the old version of Spring Framework which contains the vulnerability. According to the developer, this vulnerability is caused by ...
be.yildiz-games:module-webserver-undertow (>=1.0.0 <=1.1.1), br.eti.clairton:ds-test (>=0.4.0 <=1.2.1) +2233 more potentially affected by CVE-2021-3629 via io.undertow:undertow-core (>=1.0.0.Alpha1 <=2.0.3.Final)
io.undertow:undertow-core MAVEN version =1.0.0.Alpha1, =1.0.0, =0.4.0, =2.0.0, =1.0.2, =1.0.0, =1.0, =1.0, =0.1.0, =3.0.0.RELEASE, =0.0.1-jdk1.8-RELEASES, =0.0.1-jdk1.8-RELEASES, =0.1.4-jdk1.8-RELEASES, =0.1.5-jdk1.8-RELEASES and more Source cves: CVE-2021-3629 Source advisory:...
node core 信任管理问题漏洞
node core is a Node.js server-side infrastructure framework based on Egg.js. Node Core is vulnerable to a trust management issue. No information about this vulnerability is available at this time, please stay tuned to CNNVD or vendor announcements...
node core 资源管理错误漏洞
node core is a Node.js server-side infrastructure framework based on Egg.js. Node Core suffers from a Resource Management Error vulnerability. No information about this vulnerability is available at this time, so please stay tuned to CNNVD or the vendor announcement...
CVE-2021-2353
Vulnerability in the Siebel Core - Server Framework product of Oracle Siebel CRM component: Loging. Supported versions that are affected are 21.5 and Prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Siebel Core - Server Framework...
CVE-2021-2353
Vulnerability in the Siebel Core - Server Framework product of Oracle Siebel CRM component: Loging. Supported versions that are affected are 21.5 and Prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Siebel Core - Server Framework...