Lucene search
K

5 matches found

Cvelist
Cvelist
added 11 hours ago5 views

CVE-2026-46592 Apache Camel: Camel-CXF: The SOAP operation-selection headers used non-Camel-prefixed names (operationName, operationNamespace) that bypass the HTTP header filter, allowing an HTTP client to redirect the invoked SOAP operation

Improper Input Validation, Unintended Proxy or Intermediary 'Confused Deputy' vulnerability in Apache Camel CXF SOAP component. The camel-cxf producer selects which SOAP operation to invoke on the backend service from the operationName and operationNamespace Exchange header, whose constant values...

Exploits0References1
CVE
CVE
added 11 hours ago5 views

CVE-2026-46592

Summary: Apache Camel Camel-CXF SOAP component is affected by an improper input validation vulnerability where operationName/operationNamespace headers bypass header filtering, allowing an HTTP client to redirect the SOAP operation invoked by the backend service (a confusing-deputy). Impact (as s...

6AI score
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.14 views

EUVD-2025-19736

Malicious code in bioql PyPI...

6.4CVSS6.6AI score0.00229EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/07/02 12:0 a.m.3 views

PT-2025-27607 · Nokia · Nokia Single Ran Baseband

Name of the Vulnerable Software and Affected Versions: Nokia Single RAN baseband software versions prior to 24R1-SR 1.0 MP Description: The issue arises when a crafted SOAP "provision" operation message archive field is sent within the Mobile Network Operator MNO internal Radio Access Network RAN...

6.5CVSS6.4AI score0.00229EPSS
Exploits0References6
Zero Day Initiative
Zero Day Initiative
added 2010/12/09 12:0 a.m.23 views

CA Multiple Products create_session_bab SOAP Request Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of CA ARCserve Replication and High Availability. Authentication is not required to exploit this vulnerability. The specific flaw exists within the "createsessionbab" SOAP operation, which is handled ...

10CVSS8AI score0.0532EPSS
Exploits0References1
Rows per page
Query Builder