Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

EUVD
EUVDadded 8 hours ago4 views

EUVD-2026-39577

A flaw was found in Apicurio Registry. The WSDLReaderAccessor creates a wsdl4j WSDLReader without disabling the javax.wsdl.importDocuments feature. When the VALIDITY rule is set to FULL, an attacker with Developer-role access can upload a WSDL document containing attacker-controlled import...

7.4CVSS6AI score
Exploits0References3
CVE
CVEadded yesterday8 views

CVE-2026-12992

Apicurio Registry is affected by an SSRF flaw in the WSDL handling path. The WSDLReaderAccessor constructs a wsdl4j WSDLReader without disabling javax.wsdl.importDocuments, and with the FULL VALIDITY rule enabled, a Developer-role user can upload a WSDL with attacker-controlled import locations, ...

7.4CVSS6AI score
Exploits0References2
RedhatCVE
RedhatCVEadded yesterday4 views

CVE-2026-12992

A flaw was found in Apicurio Registry. The WSDLReaderAccessor creates a wsdl4j WSDLReader without disabling the javax.wsdl.importDocuments feature. When the VALIDITY rule is set to FULL, an attacker with Developer-role access can upload a WSDL document containing attacker-controlled import...

7.4CVSS6AI score
Exploits0References3
CVE
CVEadded 2019/05/03 7:57 p.m.78 views

CVE-2018-20580

The CVE-2018-20580 vulnerability affects SmartBear ReadyAPI 2.5.0 and 2.6.0, where WSDL import functionality can be abused to execute arbitrary Java code via a crafted parameter in a WSDL file. This is supported by multiple public references and exploits describing remote code execution. CVSSv3 b...

9.3CVSS8.8AI score0.09786EPSS
Exploits5References5Affected Software1
RedHat Linux
RedHat Linuxadded 2017/08/15 7:58 p.m.2 views

OpenJDK: insecure XML parsing in wsdlimport (JAX-WS, 8182054)

It was discovered that the wsdlimport tool in the JAX-WS component of OpenJDK did not use secure XML parser settings when parsing WSDL XML documents. A specially crafted WSDL document could cause wsdlimport to use an excessive amount of CPU and memory, open connections to other hosts, or leak...

6.5CVSS7.3AI score0.02862EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2017/08/14 9:48 a.m.2 views

OpenJDK: insecure XML parsing in wsdlimport (JAX-WS, 8182054)

It was discovered that the wsdlimport tool in the JAX-WS component of OpenJDK did not use secure XML parser settings when parsing WSDL XML documents. A specially crafted WSDL document could cause wsdlimport to use an excessive amount of CPU and memory, open connections to other hosts, or leak...

6.5CVSS7.3AI score0.02862EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2017/07/20 3:59 p.m.3 views

OpenJDK: insecure XML parsing in wsdlimport (JAX-WS, 8182054)

It was discovered that the wsdlimport tool in the JAX-WS component of OpenJDK did not use secure XML parser settings when parsing WSDL XML documents. A specially crafted WSDL document could cause wsdlimport to use an excessive amount of CPU and memory, open connections to other hosts, or leak...

6.5CVSS7.3AI score0.02862EPSS
Exploits0References5
Rows per page
Query Builder