CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

30 matches found

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2014-2436

Malware in sbrugna...

4.3CVSS6.1AI score0.00442EPSS

Exploits1References7

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2013-3697

Malware in sbrugna...

5.5CVSS6.1AI score0.00164EPSS

Exploits8References4

Symantec•added 2018/06/12 12:0 a.m.•43 views

OpenSSL CVE-2018-0732 Denial of Service Vulnerability

Description OpenSSL is prone to denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected OpenSSL Project OpenSSL 1.0.2 OpenSSL Project OpenSSL 1.0.2a OpenSSL Project OpenSSL 1.0.2b OpenSSL Project OpenSSL 1.0.2c OpenSSL...

5CVSS0.9AI score0.78382EPSS

Exploits0References2Affected Software28

Symantec•added 2017/04/17 12:0 a.m.•82 views

Apache Log4j CVE-2017-5645 Remote Code Execution Vulnerability

Description Apache Log4j is prone to remote code-execution vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Failed exploits will result in denial-of-service conditions. Apache Log4j 2.0-alpha1 through 2.8.1 ar...

7.5CVSS0.6AI score0.94013EPSS

Exploits2References5Affected Software84

Check Point Advisories•added 2015/05/18 12:0 a.m.•3 views

Oracle Endeca Server createDataStore Remote Command Execution - Ver2 (CVE-2013-3763)

A command execution vulnerability exists in Oracle Endeca Server. The vulnerability is due to the controlSoapBinding web service exposing the createDataStore method which contains a flaw that allows for the injection of arbitrary commands. A remote, unauthenticated attacker could exploit this...

5.5CVSS6.9AI score0.7218EPSS

Exploits8

seebug.org•added 2014/07/01 12:0 a.m.•13 views

Oracle Endeca Server Remote Command Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

7.1AI score

Exploits0

NVD•added 2014/04/16 1:55 a.m.•19 views

CVE-2014-2399

Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 2.2.2 allows remote attackers to affect integrity via unknown vectors related to Oracle Endeca Information Discovery Formerly Latitude, a different vulnerability than CVE-2014-2400...

4.3CVSS5.6AI score0.26699EPSS

Exploits4References6

Prion•added 2014/04/16 1:55 a.m.•18 views

Design/Logic Flaw

4.3CVSS5.9AI score0.26699EPSS

Exploits5References5Affected Software1

CVE•added 2014/04/16 1:0 a.m.•52 views

CVE-2014-2400

CVE-2014-2400 is a Cross‑Site Scripting vulnerability in Endeca Latitude 2.2.2 (Endeca Latitude / Oracle Fusion Middleware context). The advisories describe input handling flaws where invalid URL parameters (config/admin) are reflected without proper escaping, enabling arbitrary JavaScript execut...

4.3CVSS5.7AI score0.00442EPSS

Exploits1References5Affected Software1

CVE•added 2014/04/16 1:0 a.m.•51 views

CVE-2014-2399

CVE-2014-2399 concerns Endeca Latitude (Endeca Latitude 2.2.2) Cross‑Site Request Forgery. The CSRF stems from vulnerable admin/config URLs without anti‑CSRF controls, enabling an attacker to trigger administrative actions (e.g., change settings or disable the instance) via forged requests. No fi...

4.3CVSS5.7AI score0.26699EPSS

Exploits4References6Affected Software1

Cvelist•added 2014/04/16 1:0 a.m.•20 views

CVE-2014-2400

5.6AI score0.00442EPSS

Exploits1References5

Cvelist•added 2014/04/16 1:0 a.m.•24 views

CVE-2014-2399

5.6AI score0.26699EPSS

Exploits4References6

Check Point Advisories•added 2013/09/17 12:0 a.m.•4 views

Oracle Endeca Server createDataStore Remote Command Execution (CVE-2013-3763)

5.5CVSS6.9AI score0.7218EPSS

Exploits8

Saint•added 2013/09/04 12:0 a.m.•43 views

Oracle Endeca Server createDataStore method command execution

Added: 09/04/2013 CVE: CVE-2013-3763 BID: 61217 OSVDB: 95269 Background Oracle Endeca Server is a hybrid search-analytical database. Problem A vulnerability in the controlSoapBinding service allows remote attackers to execute arbitrary commands by sending a request for the createDataStore method...

5.5CVSS7.2AI score0.7218EPSS

Exploits8

Saint•added 2013/09/04 12:0 a.m.•39 views

Oracle Endeca Server createDataStore method command execution

5.5CVSS7.2AI score0.7218EPSS

Exploits8

Saint•added 2013/09/04 12:0 a.m.•41 views

Oracle Endeca Server createDataStore method command execution

5.5CVSS7.2AI score0.7218EPSS

Exploits8

Saint•added 2013/09/04 12:0 a.m.•36 views

Oracle Endeca Server createDataStore method command execution

5.5CVSS7.2AI score0.7218EPSS

Exploits8

Exploit DB•added 2013/08/26 12:0 a.m.•34 views

Oracle Endeca Server - Remote Command Execution (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Oracle Endeca Server Remote Command...

5.5CVSS7.4AI score0.7218EPSS

Exploits8

0day.today•added 2013/08/25 12:0 a.m.•28 views

Oracle Endeca Server Remote Command Execution Vulnerability

This Metasploit module exploits a command injection vulnerability on the Oracle Endeca Server 7.4.0. The vulnerability exists on the createDataStore method from the controlSoapBinding web service. The vulnerable method only exists on the 7.4.0 branch and isn't available on the 7.5.5.1 branch. On...

5.5CVSS6.8AI score0.7218EPSS

Exploits8

Packet Storm•added 2013/08/24 12:0 a.m.•33 views

Oracle Endeca Server Remote Command Execution

5.5CVSS0.1AI score0.7218EPSS

Exploits8

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by