Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

IBM Security Bulletins
IBM Security Bulletinsadded 2022/09/14 5:37 p.m.69 views

Security Bulletin: IBM Call Center and Apache Struts Struts upgrade strategy (various CVEs, see below)

Summary Apache Struts is used by IBM Call Center as part of its web application framework used for creating Java EE web applications. It is vulnerable to various CVEs, listed below. We recommend upgrading to the latest supported version of Struts that was released as part of the latest FixPack 12...

10CVSS10AI score0.99998EPSS
Exploits122Affected Software1
vulnersOsv
vulnersOsvadded 2022/05/14 1:51 a.m.4 views

ca.stellardrift.guice-backport.extensions:guice-struts2 (=5.0.1), com.google.inject.extensions:guice-struts2 (>=3.0 <=5.0.1) +63 more potentially affected by CVE-2012-0838 via org.apache.struts.xwork:xwork-core (>=2.2.1 <=2.2.3)

org.apache.struts.xwork:xwork-core MAVEN version =2.2.1, =3.0, =2.4.0, =2.4.0, =3.0.0, =3.0.0, =2.4.0, =2.4.0, =2.4.0, =3.0.0, =2.0.0, =0.9.2, =0.9.0, =0.9.1 - io.forestframework:guice-struts2 =5.0.1.1 and more Source cves: CVE-2012-0838 Source advisory: OSV:GHSA-MWRX-HX6X-3HHV...

10CVSS7.2AI score0.14032EPSS
Exploits0
vulnersOsv
vulnersOsvadded 2022/05/14 1:51 a.m.5 views

be.objectify:objectify-struts2-tags (=1.0), br.net.woodstock.rockframework:rockframework-web (>=1.2.1 <=1.2.2) +80 more potentially affected by CVE-2012-0838 via org.apache.struts:struts2-core (>=2.0.5 <=2.2.3)

org.apache.struts:struts2-core MAVEN version =2.0.5, =1.2.1, =0.6, =3.0, =2.4.0, =2.1.0, =3.1.1 and more Source cves: CVE-2012-0838 Source advisory: OSV:GHSA-MWRX-HX6X-3HHV...

10CVSS7.7AI score0.14032EPSS
Exploits0
OpenVAS
OpenVASadded 2012/03/13 12:0 a.m.33 views

Apache Struts Security Update (S2-007) - Active Check

Apache Struts is prone to a java method execution vulnerability. Copyright C 2012 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

10CVSS9.4AI score0.14032EPSS
Exploits0References5
NVD
NVDadded 2012/03/02 10:55 p.m.18 views

CVE-2012-0838

Apache Struts 2 before 2.2.3.1 evaluates a string as an OGNL expression during the handling of a conversion error, which allows remote attackers to modify run-time data values, and consequently execute arbitrary code, via invalid input to a field...

10CVSS9.7AI score0.14032EPSS
Exploits0References4
CVE
CVEadded 2012/03/02 10:0 p.m.104 views

CVE-2012-0838

CVE-2012-0838 affects Apache Struts 2 before 2.2.3.1, where an OGNL expression is evaluated during a conversion error, enabling a remote attacker to modify run-time data values and potentially execute arbitrary code. IBM security bulletins for Order Management (and related advisories) confirm the...

10CVSS7.1AI score0.14032EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder