Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.24 views

EUVD-2022-5742

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.07958EPSS
Exploits1References15
Github Security Blog
Github Security Blog
added 2022/05/13 1:25 a.m.66 views

Apache MyFaces Trinidad Deserialization Vulnerability

CoreResponseStateManager in Apache MyFaces Trinidad 1.0.0 through 1.0.13, 1.2.x before 1.2.15, 2.0.x before 2.0.2, and 2.1.x before 2.1.2 might allow attackers to conduct deserialization attacks via a crafted serialized viewstate string...

9.8CVSS8.7AI score0.07958EPSS
Exploits1References15Affected Software1
OSV
OSV
added 2022/05/13 1:25 a.m.38 views

GHSA-X7RC-4GQW-3Q6Q Apache MyFaces Trinidad Deserialization Vulnerability

CoreResponseStateManager in Apache MyFaces Trinidad 1.0.0 through 1.0.13, 1.2.x before 1.2.15, 2.0.x before 2.0.2, and 2.1.x before 2.1.2 might allow attackers to conduct deserialization attacks via a crafted serialized viewstate string...

9.8CVSS9.1AI score0.07958EPSS
Exploits1References15
CNNVD
CNNVD
added 2021/02/18 12:0 a.m.6 views

Apache MyFaces Trinidad 跨站请求伪造漏洞

Apache MyFaces Trinidad is a U.S. Apache Apache Foundation contains a large number of enterprise-class component libraries and support for attachment JSF framework. A cross-site request forgery vulnerability exists in Apache MyFaces. The vulnerability stems from a lack of proper validation of...

7.5CVSS6.8AI score0.03026EPSS
Exploits3References27
Tenable Nessus
Tenable Nessus
added 2017/07/21 12:0 a.m.85 views

Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (July 2017 CPU)

According to its self-reported version number, the Oracle Primavera P6 Enterprise Project Portfolio Management EPPM installation running on the remote web server is 8.3.x prior to 8.3.15.4, 8.4.x prior to 8.4.15.2, 15.x prior to 15.2.15.1, or 16.x prior to 16.2.9.0. It is, therefore, affected by...

9.8CVSS6.5AI score0.07958EPSS
Exploits5References6
Tenable Nessus
Tenable Nessus
added 2017/01/25 12:0 a.m.49 views

Oracle Enterprise Manager Cloud Control Multiple Vulnerabilities (January 2017 CPU)

The version of Oracle Enterprise Manager Cloud Control installed on the remote host is affected by multiple vulnerabilities in the Enterprise Manager Base Platform component : - A flaw exists in the Bouncy Castle Java library due to improper validation of a point within the elliptic curve. An...

9.8CVSS7.9AI score0.07958EPSS
Exploits1References3
CNVD
CNVD
added 2016/10/10 12:0 a.m.12 views

Apache MyFaces Trinidad Remote Code Execution Vulnerability

Apache MyFaces Trinidad is a U.S. Apache Apache Software Foundation contains a large number of enterprise-class component libraries and support for attachment JSF framework. A remote code execution vulnerability exists in CoreResponseStateManager in Apache MyFaces Trinidad, which can be exploited...

9.8CVSS9.7AI score0.07958EPSS
Exploits1References1
NVD
NVD
added 2016/10/03 6:59 p.m.25 views

CVE-2016-5019

CoreResponseStateManager in Apache MyFaces Trinidad 1.0.0 through 1.0.13, 1.2.x before 1.2.15, 2.0.x before 2.0.2, and 2.1.x before 2.1.2 might allow attackers to conduct deserialization attacks via a crafted serialized view state string...

9.8CVSS9.2AI score0.07958EPSS
Exploits1References13
OSV
OSV
added 2016/10/03 6:59 p.m.12 views

CVE-2016-5019

CoreResponseStateManager in Apache MyFaces Trinidad 1.0.0 through 1.0.13, 1.2.x before 1.2.15, 2.0.x before 2.0.2, and 2.1.x before 2.1.2 might allow attackers to conduct deserialization attacks via a crafted serialized view state string...

9.8CVSS9.2AI score
Exploits0References13
Prion
Prion
added 2016/10/03 6:59 p.m.18 views

Deserialization of untrusted data

CoreResponseStateManager in Apache MyFaces Trinidad 1.0.0 through 1.0.13, 1.2.x before 1.2.15, 2.0.x before 2.0.2, and 2.1.x before 2.1.2 might allow attackers to conduct deserialization attacks via a crafted serialized view state string...

7.5CVSS6.8AI score0.07958EPSS
Exploits1References13Affected Software1
Cvelist
Cvelist
added 2016/10/03 6:0 p.m.36 views

CVE-2016-5019

CoreResponseStateManager in Apache MyFaces Trinidad 1.0.0 through 1.0.13, 1.2.x before 1.2.15, 2.0.x before 2.0.2, and 2.1.x before 2.1.2 might allow attackers to conduct deserialization attacks via a crafted serialized view state string...

9.2AI score0.07958EPSS
Exploits1References13
0day.today
0day.today
added 2016/10/03 12:0 a.m.102 views

Apache MyFaces Trinidad Information Disclosure Vulnerability

Apache MyFaces Trinidad versions 1.0.0 to 1.0.13, 1.2.1 to 1.2.14, 2.0.0 to 2.0.1, and 2.1.0 to 2.1.1 suffer from an information disclosure vulnerability. Clarification: The first line in this CVE 1 was a copy&paste error during message composition and is not part of the CVE. This line can make i...

7.5CVSS8.7AI score0.07958EPSS
Exploits1
Symantec
Symantec
added 2016/09/29 12:0 a.m.210 views

Apache MyFaces Trinidad CVE-2016-5019 Remote Code Execution Vulnerability

Description Apache MyFaces Trinidad is prone to a security vulnerability. Successfully exploiting this issue allows attackers to obtain sensitive information or execute arbitrary code in the context of the affected application. Apache MyFaces Trinidad 1.2.14-core , 1.0.13-core , 2.0.1-core and...

7.5CVSS1AI score0.07958EPSS
Exploits1References4Affected Software7
Tenable Nessus
Tenable Nessus
added 2016/09/19 12:0 a.m.98 views

Oracle JDeveloper Multiple RCE (July 2016 CPU)

The version of Oracle JDeveloper installed on the remote host is missing a security patch. It is, therefore, affected by multiple remote code execution vulnerabilities : - A remote code execution vulnerability exists in the Application Development Framework ADF Faces subcomponent that allows an...

9.8CVSS9.4AI score0.07958EPSS
Exploits1References3
Rows per page
Query Builder