Lucene search
K

29 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.3 views

MiracleLinux 4 : axis-1.2.1-7.5.AXS4 (AXSA:2014-534:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2014-534:01 advisory. Description : Apache AXIS is an implementation of the SOAP Simple Object Access Protocol submission to W3C. From the draft W3C specification: SOAP is a...

5.8CVSS7.3AI score0.05806EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

MiracleLinux 3 : axis-1.2.1-2jpp.8.AXS3 (AXSA:2014-536:01)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2014-536:01 advisory. Description : Apache AXIS is an implementation of the SOAP Simple Object Access Protocol submission to W3C. From the draft W3C specification: SOAP is a...

5.8CVSS7.3AI score0.05806EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/13 10:29 a.m.12 views

Security Bulletin: IBM System Storage Support for Microsoft Volume Shadow Copy Service and Virtual Disk Service is vulnerable to multiple vulnerabilities due to Apache Axis. CVE-2018-8032, CVE-2014-3596, CVE-2019-0227, CVE-2012-5784

Summary IBM System Storage Support for Microsoft Volume Shadow Copy Service and Virtual Disk Service is vulnerable to multiple vulnerabilities due to Apache Axis. CVE-2018-8032, CVE-2014-3596, CVE-2019-0227, CVE-2012-5784. Vulnerability Details CVEID:CVE-2018-8032 DESCRIPTION: Apache Axis 1.x up ...

7.5CVSS7AI score0.86503EPSS
Exploits8Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 5:28 a.m.5 views

SUSE CVE-2014-3596

The getCN function in Apache Axis 1.4 and earlier does not properly verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a certificate with a subjec...

6.5CVSS7.7AI score0.05806EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.29 views

SUSE: Security Advisory (SUSE-SU-2019:1373-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.8CVSS8.8AI score0.05806EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.28 views

SUSE: Security Advisory (SUSE-SU-2019:1382-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.8CVSS7.9AI score0.05806EPSS
Exploits1References4
IBM Security Bulletins
IBM Security Bulletins
added 2021/03/26 5:24 p.m.70 views

Security Bulletin: Multiple Vulnerabilities found in Axis.jar V1.x may affect IBM Content Collector for SAP Applications

Summary IBM Content Collector for SAP Applications may be affected by multiple vulnerabilities found in Axis.jar V1.x Vulnerability Details CVEID: CVE-2018-8032 DESCRIPTION: Apache Axis is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the default...

7.5CVSS0.9AI score0.86503EPSS
Exploits8Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/01/15 12:0 a.m.62 views

Oracle Primavera Gateway Multiple Vulnerabilities (Jan 2020 CPU)

According to its self-reported version number, the Oracle Primavera Gateway installation running on the remote web server is 15.x prior to 15.2.18, 16.x prior to 16.2.11, 17.x prior to 17.12.6, or 18.x prior to 18.8.8.1. It is, therefore, affected by multiple vulnerabilities, including the...

9.8CVSS7AI score0.87218EPSS
Exploits13References10
OSV
OSV
added 2019/10/11 3:6 p.m.5 views

SUSE-SU-2019:1373-2 Security update for axis

This update for axis fixes the following issues: Security issue fixed: - CVE-2012-5784, CVE-2014-3596: Fixed missing connection hostname check against X.509 certificate name bsc1134598...

5.8CVSS6.3AI score0.05806EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2019/06/10 12:0 a.m.38 views

openSUSE Security Update : axis (openSUSE-2019-1526)

This update for axis fixes the following issues : Security issue fixed : - CVE-2012-5784, CVE-2014-3596: Fixed missing connection hostname check against X.509 certificate name bsc1134598. This update was imported from the SUSE:SLE-12:Update update project. %NASLMINLEVEL 70300 C Tenable Network...

5.8CVSS7.2AI score0.05806EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2019/06/08 12:0 a.m.33 views

openSUSE: Security Advisory for axis (openSUSE-SU-2019:1526-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.8CVSS7.2AI score0.05806EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/06/04 12:0 a.m.33 views

openSUSE Security Update : axis (openSUSE-2019-1497)

This update for axis fixes the following issues : Security issue fixed : - CVE-2012-5784, CVE-2014-3596: Fixed missing connection hostname check against X.509 certificate name bsc1134598. This update was imported from the SUSE:SLE-15:Update update project. %NASLMINLEVEL 70300 C Tenable Network...

5.8CVSS7.2AI score0.05806EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2019/06/04 12:0 a.m.82 views

openSUSE: Security Advisory for axis (openSUSE-SU-2019:1497-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.8CVSS7.2AI score0.05806EPSS
Exploits1References2
OSV
OSV
added 2019/05/28 3:0 p.m.7 views

SUSE-SU-2019:1373-1 Security update for axis

This update for axis fixes the following issues: Security issue fixed: - CVE-2012-5784, CVE-2014-3596: Fixed missing connection hostname check against X.509 certificate name bsc1134598...

5.8CVSS6.3AI score0.05806EPSS
Exploits1References4
vulnersOsv
vulnersOsv
added 2018/10/16 8:50 p.m.8 views

activemq:activemq (=1.1), activemq:activemq-optional (=3.2) +325 more potentially affected by CVE-2014-3596 via axis:axis (>=1.2 <=1.4)

axis:axis MAVEN version =1.2, =1.2.5, =1.1.0, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.6.4 and more Source cves: CVE-2014-3596 Source advisory: OSV:GHSA-R53V-VM87-F72C...

5.8CVSS6.8AI score0.05806EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 1:9 p.m.27 views

Security Bulletin: Vulnerability in Apache Axis affects IBM Cúram Social Program Management (CVE-2014-3596)

Summary IBM Cúram Social Program Management uses the Apache Axis Library. Apache Axis and Axis2 could allow a remote attacker to conduct spoofing attacks, caused by and incomplete fix related to the failure to verify that the server hostname matches a domain name in the subject's Common Name CN...

5.8CVSS0.8AI score0.05806EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 12:12 p.m.33 views

Security Bulletin: Two vulnerabilities exist in IBM Case Foundation and FileNet Business Process Manager (CVE-2012-5784 and CVE-2014-3596)

Summary Apache Axis contains two security vulnerabilities that could allow for spoofing attacks. See the individual descriptions below for the details. Vulnerability Details CVE-ID: CVE-2012-5784 DESCRIPTION: Apache Axis 1.4, as used in multiple products, could allow a remote attacker to conduct...

5.8CVSS0.6AI score0.05806EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 7:54 p.m.45 views

Security Bulletin: Security Vulnerability in Apache Axis affects IBM WebSphere Dashboard Framework (CVE-2014-3596)

Summary There is an insecure certificate validation CVE-2014-3596 in Apache Axis which is bundled with IBM WebSphere Dashboard Framework. Vulnerability Details IBM WebSphere Dashboard Framework WDF bundles a copy of Apache Axis which can be used to make web service requests. A vulnerability in Ax...

5.8CVSS1AI score0.05806EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.24 views

Amazon Linux: Security Advisory (ALAS-2014-412)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.8CVSS8.7AI score0.05806EPSS
Exploits0References2
Mageia
Mageia
added 2014/12/26 5:4 p.m.44 views

Updated axis packages fix CVE-2014-3596

Updated axis packages fixes security vulnerability: It was discovered that Axis incorrectly extracted the host name from an X.509 certificate subject's Common Name CN field. A man-in-the-middle attacker could use this flaw to spoof an SSL server using a specially crafted X.509 certificate...

5.8CVSS8.3AI score0.05806EPSS
Exploits0References2
Rows per page
Query Builder