Lucene search
K

103 matches found

Tenable Nessus
Tenable Nessus
added 2024/12/11 12:0 a.m.26 views

Oracle Siebel Server < 17.6 (April 2018 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2018 CPU advisory. - Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM subcomponent: EAI Apache Tomcat. The supported version that is affected i...

7.5CVSS7AI score0.16567EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2024/08/09 5:25 p.m.20 views

CVE-2024-42367

aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In versions on the 3.10 branch prior to version 3.10.2, static routes which contain files with compressed variants .gz or .br extension are vulnerable to path traversal outside the root directory if those variants are...

4.8CVSS6.5AI score0.00645EPSS
Exploits0
OSV
OSV
added 2024/05/02 1:55 p.m.41 views

CVE-2024-30251 Denial of service when trying to parse malformed POST requests in aiohttp

aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In affected versions an attacker can send a specially crafted POST multipart/form-data request. When the aiohttp server processes it, the server will enter an infinite loop and be unable to process any further request...

7.5CVSS6.3AI score0.01085EPSS
Exploits0References8
NVD
NVD
added 2023/05/30 8:15 p.m.19 views

CVE-2023-31185

ROZCOM server framework - Misconfiguration may allow information disclosure via an unspecified request...

7.5CVSS7.4AI score0.13833EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/05/30 12:0 a.m.8 views

CVE-2023-31185 ROZCOM server framework

ROZCOM server framework - Misconfiguration may allow information disclosure via an unspecified request...

7.5CVSS7.4AI score0.13833EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/05/30 12:0 a.m.23 views

CVE-2023-31185 ROZCOM server framework

ROZCOM server framework - Misconfiguration may allow information disclosure via an unspecified request...

7.5CVSS7.5AI score0.13833EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/05/28 2:46 p.m.3 views

CVE-2023-31185

ROZCOM server framework - Misconfiguration may allow information disclosure via an unspecified request...

7.5CVSS5.9AI score0.13833EPSS
Exploits0References2
OSV
OSV
added 2022/12/05 6:30 a.m.41 views

GHSA-Q5J9-F95W-F4PR TERASOLUNA Server Framework vulnerable to ClassLoader manipulation

TERASOLUNA Global Framework 1.0.0 Public review version and TERASOLUNA Server Framework for Java Rich 2.0.0.2 to 2.0.5.1 are vulnerable to ClassLoader manipulation due to using the old version of Spring Framework which contains the vulnerability. The vulnerability is caused by an improper input...

7.8CVSS7.7AI score0.00407EPSS
Exploits1References6
Github Security Blog
Github Security Blog
added 2022/12/05 6:30 a.m.28 views

TERASOLUNA Server Framework vulnerable to ClassLoader manipulation

TERASOLUNA Global Framework 1.0.0 Public review version and TERASOLUNA Server Framework for Java Rich 2.0.0.2 to 2.0.5.1 are vulnerable to ClassLoader manipulation due to using the old version of Spring Framework which contains the vulnerability. The vulnerability is caused by an improper input...

7.8CVSS7.7AI score0.00407EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2022/12/05 4:15 a.m.81 views

CVE-2022-43484

TERASOLUNA Global Framework 1.0.0 Public review version and TERASOLUNA Server Framework for Java Rich 2.0.0.2 to 2.0.5.1 are vulnerable to a ClassLoader manipulation vulnerability due to using the old version of Spring Framework which contains the vulnerability.The vulnerability is caused by an...

7.8CVSS0.00407EPSS
Exploits1References3
Prion
Prion
added 2022/12/05 4:15 a.m.29 views

Input validation

TERASOLUNA Global Framework 1.0.0 Public review version and TERASOLUNA Server Framework for Java Rich 2.0.0.2 to 2.0.5.1 are vulnerable to a ClassLoader manipulation vulnerability due to using the old version of Spring Framework which contains the vulnerability.The vulnerability is caused by an...

4.4CVSS7.8AI score0.00407EPSS
Exploits1References3Affected Software2
Cvelist
Cvelist
added 2022/12/05 12:0 a.m.68 views

CVE-2022-43484

TERASOLUNA Global Framework 1.0.0 Public review version and TERASOLUNA Server Framework for Java Rich 2.0.0.2 to 2.0.5.1 are vulnerable to a ClassLoader manipulation vulnerability due to using the old version of Spring Framework which contains the vulnerability.The vulnerability is caused by an...

8AI score0.00407EPSS
Exploits1References3
CVE
CVE
added 2022/12/05 12:0 a.m.76 views

CVE-2022-43484

The CVE-2022-43484 issue affects TERASOLUNA Global Framework 1.0.0 and TERASOLUNA Server Framework for Java (Rich) 2.0.0.2–2.0.5.1, caused by improper input validation in the binding mechanism of Spring MVC due to an old Spring Framework version. By processing a specially crafted file, an attacke...

7.8CVSS7.8AI score0.00407EPSS
Exploits1References3Affected Software2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/11/14 7:45 a.m.3 views

TERASOLUNA Global Framework and TERASOLUNA Server Framework for Java (Rich) vulnerable to ClassLoader manipulation

Overview The past versions of TERASOLUNA Global Framework and TERASOLUNA Server Framework for Java Rich are vulnerable to a ClassLoader manipulation vulnerability due to using the old version of Spring Framework which contains the vulnerability. According to the developer, this vulnerability is...

9.8CVSS7AI score0.00407EPSS
Exploits1References9
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/11/14 12:0 a.m.66 views

JVN#54728399: TERASOLUNA Global Framework and TERASOLUNA Server Framework for Java (Rich) vulnerable to ClassLoader manipulation

The past versions of TERASOLUNA Global Framework and TERASOLUNA Server Framework for Java Rich are vulnerable to a ClassLoader manipulation vulnerability due to using the old version of Spring Framework which contains the vulnerability. According to the developer, this vulnerability is caused by ...

7.8CVSS7.8AI score0.00407EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/05/25 12:0 a.m.3 views

be.yildiz-games:module-webserver-undertow (>=1.0.0 <=1.1.1), br.eti.clairton:ds-test (>=0.4.0 <=1.2.1) +2233 more potentially affected by CVE-2021-3629 via io.undertow:undertow-core (>=1.0.0.Alpha1 <=2.0.3.Final)

io.undertow:undertow-core MAVEN version =1.0.0.Alpha1, =1.0.0, =0.4.0, =2.0.0, =1.0.2, =1.0.0, =1.0, =1.0, =0.1.0, =3.0.0.RELEASE, =0.0.1-jdk1.8-RELEASES, =0.0.1-jdk1.8-RELEASES, =0.1.4-jdk1.8-RELEASES, =0.1.5-jdk1.8-RELEASES and more Source cves: CVE-2021-3629 Source advisory:...

5.9CVSS6.7AI score0.01175EPSS
Exploits0
CNNVD
CNNVD
added 2021/08/11 12:0 a.m.2 views

node core 信任管理问题漏洞

node core is a Node.js server-side infrastructure framework based on Egg.js. Node Core is vulnerable to a trust management issue. No information about this vulnerability is available at this time, please stay tuned to CNNVD or vendor announcements...

5.3CVSS7AI score0.1473EPSS
Exploits1References31
CNNVD
CNNVD
added 2021/08/11 12:0 a.m.2 views

node core 资源管理错误漏洞

node core is a Node.js server-side infrastructure framework based on Egg.js. Node Core suffers from a Resource Management Error vulnerability. No information about this vulnerability is available at this time, so please stay tuned to CNNVD or the vendor announcement...

7.5CVSS7AI score0.13861EPSS
Exploits0References33
OSV
OSV
added 2021/07/21 3:15 p.m.5 views

CVE-2021-2353

Vulnerability in the Siebel Core - Server Framework product of Oracle Siebel CRM component: Loging. Supported versions that are affected are 21.5 and Prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Siebel Core - Server Framework...

4.4CVSS5.8AI score0.00289EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2021/07/20 10:43 p.m.13 views

CVE-2021-2353

Vulnerability in the Siebel Core - Server Framework product of Oracle Siebel CRM component: Loging. Supported versions that are affected are 21.5 and Prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Siebel Core - Server Framework...

4.4CVSS5.8AI score0.00289EPSS
Exploits0References1
Rows per page
Query Builder