Lucene search
K

332 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:47 a.m.2 views

SUSE CVE-2012-1682

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-3136. NOTE: Oracle has not...

10CVSS6.5AI score0.05402EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 5:46 a.m.5 views

SUSE CVE-2012-3136

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-1682...

10CVSS6.6AI score0.0395EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:44 a.m.5 views

SUSE CVE-2012-5087

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans...

10CVSS6.5AI score0.05572EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 5:42 a.m.5 views

SUSE CVE-2013-0444

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans. NOTE: the previous information is from the February 20...

7.6CVSS8.8AI score0.06422EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:40 a.m.5 views

SUSE CVE-2013-1558

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans...

10CVSS5.5AI score0.07192EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:34 a.m.4 views

SUSE CVE-2013-5790

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to BEANS...

4.3CVSS6.4AI score0.0364EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2023/02/15 5:32 a.m.3 views

SUSE CVE-2014-0423

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote authenticated users to affect confidentiality and availability via unknown vectors related to Beans. NOTE: the previous information is from the Janua...

5.5CVSS6.3AI score0.03616EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2023/02/15 5:23 a.m.7 views

SUSE CVE-2015-0477

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect integrity via unknown vectors related to Beans...

4.3CVSS8.9AI score0.03307EPSS
Exploits0References18
RedHat Linux
RedHat Linux
added 2022/12/05 9:8 p.m.3 views

Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations

A flaw was found in Undertow with EJB invocations. This flaw allows an attacker to generate a valid HTTP request and send it to the server on an established connection after removing the LASTCHUNK from the bytes, causing a denial of service...

4.9CVSS6.6AI score0.00787EPSS
Exploits0References4
Atlassian
Atlassian
added 2022/09/14 6:31 a.m.75 views

Synchrony Proxy: spring-beans 5.3.19 is vulnerable to CVE-2022-22970

h3. Issue Summary spring-beans is vulnerable to CVE-2022-22970 This is reproducible on Data Center: yes h3. Steps to Reproduce Install Confluence 7.13.9 Step 2 h3. Expected Results Expect that synchrony-proxy/WEB-INF/lib contains spring-beans-5.3.20.jar or higher h3. Actual Results...

5.3CVSS6.2AI score0.01978EPSS
Exploits1
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 8:26 p.m.3 views

Malicious code in yelp-beans (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware be411b67dc2c0c762a0f3c006b4883b3a45c372ce12f3cbee68135728d6f3c83 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2022/06/20 8:26 p.m.4 views

MAL-2022-7334 Malicious code in yelp-beans (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware be411b67dc2c0c762a0f3c006b4883b3a45c372ce12f3cbee68135728d6f3c83 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
RedHat Linux
RedHat Linux
added 2022/06/06 4:0 p.m.3 views

wildfly: Wildfly management of EJB Session context returns wrong caller principal with Elytron Security enabled

A flaw was found in Wildfly, where it returns an incorrect caller principal under certain heavily concurrent situations when Elytron Security is used. This flaw allows an attacker to gain improper access to information they should not have...

5.3CVSS5.8AI score0.00842EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/06/06 3:54 p.m.7 views

wildfly: Wildfly management of EJB Session context returns wrong caller principal with Elytron Security enabled

A flaw was found in Wildfly, where it returns an incorrect caller principal under certain heavily concurrent situations when Elytron Security is used. This flaw allows an attacker to gain improper access to information they should not have...

5.3CVSS5.8AI score0.00842EPSS
Exploits0References4
OSV
OSV
added 2022/05/24 5:21 p.m.34 views

GHSA-VRMW-2XHQ-HRMP Wildfly Unsafe Deserialization Vulnerability

A vulnerability was found in Wildfly in versions before 20.0.0.Final, where a remote deserialization attack is possible in the Enterprise Application BeansEJB due to lack of validation/filtering capabilities in wildfly...

7.5CVSS8.3AI score0.0172EPSS
Exploits0References3
CNVD
CNVD
added 2022/05/23 12:0 a.m.57 views

Fastjson Remote Code Execution Vulnerability (CNVD-2022-40233)

Fastjson is an open source JSON parsing library , it can parse JSON format strings , support for Java Bean serialized to JSON strings , you can also deserialize from JSON strings to JavaBean. Fastjson has a remote code execution vulnerability that can be exploited by an attacker to bypass the...

8.1AI score
Exploits0References1
vulnersOsv
vulnersOsv
added 2022/05/13 1:1 a.m.5 views

ai.idylnlp:idylnlp-models-deeplearning (>=1.0.0 <=1.1.0), ai.platon.pulsar:pulsar-agentic (>=4.5.0 <=4.6.0) +5848 more potentially affected by CVE-2013-4002 via xerces:xercesImpl (>=2.10.0 <=2.11.0)

xerces:xercesImpl MAVEN version =2.10.0, =1.0.0, =4.5.0, =4.7.11, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.7.0, =4.5.0, =4.5.0, =4.5.0, =0.2, =5.0.9, =5.1.3 and more Source cves: CVE-2013-4002 Source advisory: OSV:GHSA-7J4H-8WPF-RQFH...

7.1CVSS6.7AI score0.24738EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/05/13 12:0 a.m.6 views

africa.absa:inception-api (>=1.1.0 <=1.2.0), africa.absa:inception-application (>=1.1.0 <=1.2.0) +12965 more potentially affected by CVE-2022-22970 via org.springframework:spring-beans (>=5.3.0 <=5.3.2)

org.springframework:spring-beans MAVEN version =5.3.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.2.0 and more Source cves: CVE-2022-22970 Source advisory: OSV:GHSA-HH26-6XWR-GGV7...

5.3CVSS6.7AI score0.01978EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/05/13 12:0 a.m.7 views

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +41159 more potentially affected by CVE-2022-22970 via org.springframework:spring-beans (>=1.2 <=5.2.21.RELEASE)

org.springframework:spring-beans MAVEN version =1.2, =1.1, =1.3, =0.0.1, =4.4.0.0, =0.1.12, =0.1.6, =0.1.8, =0.1.6, =0.1.2, =0.0.6, =0.0.11, =0.0.16, =0.0.1, =0.0.51 and more Source cves: CVE-2022-22970 Source advisory: OSV:GHSA-HH26-6XWR-GGV7...

5.3CVSS6.7AI score0.01978EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2022/04/12 6:32 p.m.75 views

Low: Red Hat Security Advisory: Red Hat Integration Camel-K 1.6.5 security update

A micro version update from 1.6.4 to 1.6.5 is now available for Red Hat Integration Camel K. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Low. A Common...

9.8CVSS7AI score0.99677EPSS
Exploits102References5
Rows per page
Query Builder