Lucene search
K

14 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2019-12400

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In version 2.0.3 Apache Santuario XML Security for Java, a caching mechanism was introduced to speed up creating new XML documents using a static pool of...

5.5CVSS6.5AI score0.00776EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/03 4:44 p.m.41 views

Security Bulletin: IBM Security Verify Governance is vulnerable to bypassing of security restrictions due to use of Apache Santuario XML Security (CVE-2019-12400, CVE-2021-40690)

Summary IBM Security Verify Governance uses Apache Santuario XML Security for Java which could allow a remote attacker to bypass security restrictions caused by a couple of vulnerabilities. This could allow the attacker to launch further attacks on the system CVE-2019-12400, CVE-2021-40690. The f...

7.5CVSS6.7AI score0.1121EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/12/15 5:4 p.m.51 views

Security Bulletin: Apache Santuario as used in IBM QRadar SIEM is vulnerable to improper input validation (CVE-2019-12400)

Summary Apache Santuario as used in IBM QRadar SIEM is vulnerable to improper input validation Vulnerability Details CVEID: CVE-2019-12400 DESCRIPTION: Apache Santuario XML Security for Java could allow a remote attacker to bypass security restrictions, caused by the loading of XML parsing code...

5.5CVSS1.1AI score0.00776EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/27 4:28 p.m.30 views

Security Bulletin: XML parsing vulnerability in Apache Santuario might affect IBM Business Automation Workflow and IBM Business Process Manager (BPM) - CVE-2019-12400

Summary A XML parsing vulnerability in Apache Santuario might affect IBM Business Process Manager and IBM Business Automation Workflow are vulnerable. Vulnerability Details CVEID: CVE-2019-12400 DESCRIPTION: Apache Santuario XML Security for Java could allow a remote attacker to bypass security...

5.5CVSS1.4AI score0.00776EPSS
Exploits0Affected Software4
RedhatCVE
RedhatCVE
added 2020/04/04 11:14 a.m.31 views

CVE-2019-12400

In version 2.0.3 Apache Santuario XML Security for Java, a caching mechanism was introduced to speed up creating new XML documents using a static pool of DocumentBuilders. However, if some untrusted code can register a malicious implementation with the thread context class loader first, then this...

5.9CVSS1.4AI score0.00776EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/03/16 12:0 a.m.56 views

RHEL 6 : Red Hat JBoss Enterprise Application Platform 7.2.7 on RHEL 6 (RHSA-2020:0804)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0804 advisory. This release of Red Hat JBoss Enterprise Application Platform 7.2.7 serves as a replacement for Red Hat JBoss Enterprise Application Platfor...

9.1CVSS6.8AI score0.28839EPSS
Exploits4References38
Tenable Nessus
Tenable Nessus
added 2020/03/16 12:0 a.m.44 views

RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.2.7 on RHEL 8 (RHSA-2020:0806)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0806 advisory. This release of Red Hat JBoss Enterprise Application Platform 7.2.7 serves as a replacement for Red Hat JBoss Enterprise Application Platfor...

9.1CVSS6.9AI score0.28839EPSS
Exploits4References38
RedHat Linux
RedHat Linux
added 2020/03/12 5:7 p.m.71 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.7 on RHEL 7 security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

9.1CVSS6.8AI score0.28839EPSS
Exploits4References29
RedHat Linux
RedHat Linux
added 2020/03/12 5:5 p.m.71 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.7 on RHEL 6 security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

9.1CVSS6.8AI score0.28839EPSS
Exploits4References29
RedHat Linux
RedHat Linux
added 2020/03/12 5:2 p.m.96 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.7 on RHEL 8 security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

9.1CVSS6.8AI score0.28839EPSS
Exploits4References29
RedHat Linux
RedHat Linux
added 2020/03/12 5:0 p.m.93 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.7 security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.1CVSS6.8AI score0.28839EPSS
Exploits4References29
vulnersOsv
vulnersOsv
added 2019/08/27 5:41 p.m.7 views

cloud.altemista.fwk.framework:cloud-altemistafwk-documentation (=3.1.0.RELEASE), cloud.altemista.fwk.soap:cloud-altemistafwk-core-soap-wss (>=3.0.0.RELEASE <=3.1.0.RELEASE) +505 more potentially affected by CVE-2019-12400 via org.apache.santuario:xmlsec (>=2.0.3 <=2.1.3)

org.apache.santuario:xmlsec MAVEN version =2.0.3, =3.0.0.RELEASE, =3.0.0.RELEASE, =3.0.0.RELEASE, =3.0.0.RELEASE, =1.4.0.0, =0.7.0.1, =1.0.0, =1.31.0, =1.31.0, =1.31.0, =2.2.4, =2.2.4, =2.2.4, =2.3.19 - com.exacttarget:fuelsdk =1.1.0 and more Source cves: CVE-2019-12400 Source advisory:...

5.5CVSS6.7AI score0.00776EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2019/08/23 9:15 p.m.38 views

CVE-2019-12400

In version 2.0.3 Apache Santuario XML Security for Java, a caching mechanism was introduced to speed up creating new XML documents using a static pool of DocumentBuilders. However, if some untrusted code can register a malicious implementation with the thread context class loader first, then this...

5.5CVSS6.8AI score0.00776EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2019/08/23 8:30 p.m.31 views

CVE-2019-12400

In version 2.0.3 Apache Santuario XML Security for Java, a caching mechanism was introduced to speed up creating new XML documents using a static pool of DocumentBuilders. However, if some untrusted code can register a malicious implementation with the thread context class loader first, then this...

5.5CVSS6.6AI score0.00776EPSS
Exploits0
Rows per page
Query Builder