CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

RedhatCVE•added 2025/05/23 9:6 a.m.•0 views

CVE-2024-41640

Cross Site Scripting XSS vulnerability in AML Surety Eco up to 3.5 allows an attacker to run arbitrary code via crafted GET request using the id parameter...

6.1CVSS6AI score0.01005EPSS

Exploits0References1

Github Security Blog•added 2022/05/17 4:53 a.m.•13 views

Code injection via property expansion in SoapUI

The WSDL/WADL import functionality in SoapUI before 4.6.4 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL file...

9.3CVSS8AI score0.17347EPSS

Exploits7References7Affected Software1

Cvelist•added 2019/05/03 7:57 p.m.•15 views

CVE-2018-20580

The WSDL import functionality in SmartBear ReadyAPI 2.5.0 and 2.6.0 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL file...

8.8AI score0.29749EPSS

Exploits5References5

OSV•added 2019/01/09 2:29 p.m.•0 views

CVE-2019-3581

Improper input validation in the proxy component of McAfee Web Gateway 7.8.2.0 and later allows remote attackers to cause a denial of service via a crafted HTTP request parameter...

7.5CVSS5.8AI score

Exploits0References1

OSV•added 2018/06/12 2:29 p.m.•3 views

CVE-2017-3960

Exploitation of Authorization vulnerability in the web interface in McAfee Network Security Management NSM before 8.2.7.42.2 allows authenticated users to gain elevated privileges via a crafted HTTP request parameter...

8.8CVSS5.8AI score0.00144EPSS

Exploits0References1

RedhatCVE•added 2018/02/20 12:48 a.m.•20 views

CVE-2017-16670

The project import functionality in SoapUI 5.3.0 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL project file...

8.8CVSS7.5AI score0.00412EPSS

Exploits2References1

Prion•added 2018/02/19 7:29 p.m.•10 views

Code injection

The project import functionality in SoapUI 5.3.0 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL project file...

6.8CVSS7.8AI score0.00412EPSS

Exploits2References1Affected Software1

Cvelist•added 2018/02/19 7:0 p.m.•16 views

CVE-2017-16670

The project import functionality in SoapUI 5.3.0 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL project file...

7.8AI score0.00412EPSS

Exploits2References1

Prion•added 2014/01/25 1:55 a.m.•10 views

Code injection

The WSDL/WADL import functionality in SoapUI before 4.6.4 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL file...

9.3CVSS7.8AI score0.17347EPSS

Exploits7References5Affected Software1

Cvelist•added 2014/01/25 1:0 a.m.•13 views

CVE-2014-1202

The WSDL/WADL import functionality in SoapUI before 4.6.4 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL file...

7.2AI score0.17347EPSS

Exploits7References5

Cvelist•added 2012/09/28 9:0 p.m.•16 views

CVE-2012-1833

VMware SpringSource Grails before 1.3.8, and 2.x before 2.0.2, does not properly restrict data binding, which might allow remote attackers to bypass intended access restrictions and modify arbitrary object properties via a crafted request parameter to an application...

6.8AI score0.00188EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by