Lucene search
K

347 matches found

Cvelist
Cvelist
added 2024/05/28 2:2 p.m.37 views

CVE-2023-35952

Multiple stack-based buffer overflow vulnerabilities exist in the readOFF.cpp functionality of libigl v2.4.0. A specially-crafted .off file can lead to a buffer overflow. An attacker can arbitrary code execution to trigger these vulnerabilities.This vulnerability exists within the code responsibl...

7.8CVSS8.3AI score0.00495EPSS
Exploits1References2
OSV
OSV
added 2024/05/28 2:2 p.m.21 views

CVE-2023-35949

Multiple stack-based buffer overflow vulnerabilities exist in the readOFF.cpp functionality of libigl v2.4.0. A specially-crafted .off file can lead to a buffer overflow. An attacker can arbitrary code execution to trigger these vulnerabilities.This vulnerability exists within the code responsibl...

7.8CVSS8AI score0.00495EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/05/28 2:2 p.m.16 views

CVE-2023-35949

Multiple stack-based buffer overflow vulnerabilities exist in the readOFF.cpp functionality of libigl v2.4.0. A specially-crafted .off file can lead to a buffer overflow. An attacker can arbitrary code execution to trigger these vulnerabilities.This vulnerability exists within the code responsibl...

7.8CVSS8AI score0.00495EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/05/28 2:2 p.m.16 views

CVE-2023-35952

Multiple stack-based buffer overflow vulnerabilities exist in the readOFF.cpp functionality of libigl v2.4.0. A specially-crafted .off file can lead to a buffer overflow. An attacker can arbitrary code execution to trigger these vulnerabilities.This vulnerability exists within the code responsibl...

7.8CVSS8AI score0.00495EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2024/05/28 2:2 p.m.12 views

CVE-2023-35949

Removed by vendor...

7.8CVSS7.5AI score0.00495EPSS
Exploits1
OSV
OSV
added 2024/05/28 2:2 p.m.12 views

CVE-2023-35952

Multiple stack-based buffer overflow vulnerabilities exist in the readOFF.cpp functionality of libigl v2.4.0. A specially-crafted .off file can lead to a buffer overflow. An attacker can arbitrary code execution to trigger these vulnerabilities.This vulnerability exists within the code responsibl...

7.8CVSS8AI score0.00495EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2024/05/28 2:2 p.m.20 views

CVE-2023-35952

Removed by vendor...

7.8CVSS7.6AI score0.00495EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2024/04/17 12:0 a.m.4 views

PT-2024-6875

Name of the Vulnerable Software and Affected Versions Ivanti Avalanche versions prior to 6.4.5 Description The issue is a path traversal affecting the Faces Mojarra component within Ivanti Avalanche. This allows a remote, unauthenticated attacker to potentially reveal sensitive information. The...

7.8CVSS6.5AI score0.5705EPSS
Exploits0References12
OSV
OSV
added 2024/03/22 4:15 p.m.5 views

CVE-2024-2227

This vulnerability allows access to arbitrary files in the application server file system due to a path traversal vulnerability in JavaServer Faces JSF 2.2.20 documented in CVE-2020-6950. The remediation for this vulnerability contained in this security fix provides additional changes to the...

7.5CVSS5.9AI score0.0078EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/22 3:43 p.m.45 views

CVE-2024-2227 IdentityIQ JavaServer Faces File Path Traversal Vulnerability

This vulnerability allows access to arbitrary files in the application server file system due to a path traversal vulnerability in JavaServer Faces JSF 2.2.20 documented in CVE-2020-6950. The remediation for this vulnerability contained in this security fix provides additional changes to the...

10CVSS8.1AI score0.0078EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/22 3:43 p.m.61 views

CVE-2024-2227 IdentityIQ JavaServer Faces File Path Traversal Vulnerability

This vulnerability allows access to arbitrary files in the application server file system due to a path traversal vulnerability in JavaServer Faces JSF 2.2.20 documented in CVE-2020-6950. The remediation for this vulnerability contained in this security fix provides additional changes to the...

10CVSS6.8AI score0.0078EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/03/22 12:0 a.m.7 views

PT-2024-19297

Name of the Vulnerable Software and Affected Versions SailPoint IdentityIQ affected versions not specified Description The issue is a path traversal vulnerability in JavaServer Faces JSF that allows access to arbitrary files in the application server file system. This can be exploited by an...

10CVSS6.7AI score0.0078EPSS
Exploits0References9
CNNVD
CNNVD
added 2024/03/22 12:0 a.m.6 views

Oracle JavaServer Faces 路径遍历漏洞

Oracle JavaServer Faces is a user interface framework on Oracle's Java platform for building Web-based user interface components and applications. A path traversal vulnerability exists in Oracle JavaServer Faces JSF version 2.2.20 that originates from allowing access to arbitrary files in the...

10CVSS6.8AI score0.0078EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/02/20 12:0 a.m.9 views

The vulnerability of the javax.faces component in the Avalanche mobile device management system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the javax.faces.resource component in the Avalanche mobile device management system is related to an incorrect limitation on the path name to the restricted catalog. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access t...

6.8CVSS6.6AI score0.37614EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2024/01/25 8:15 p.m.4 views

CVE-2023-41474

Directory Traversal vulnerability in Ivanti Avalanche 6.3.4.153 allows a remote authenticated attacker to obtain sensitive information via the javax.faces.resource component...

6.5CVSS5.8AI score0.37614EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2024/01/19 12:0 a.m.52 views

Oracle JDeveloper Multiple Vulnerabilities (January 2024 CPU)

The version of Oracle JDeveloper installed on the remote host is missing a security patch. It is, therefore, affected by multiple vulnerabilities as referenced in the January 2024 CPU advisory. - Vulnerability in the Oracle JDeveloper product of Oracle Fusion Middleware component: Oracle JDevelop...

7.5CVSS6.5AI score0.13292EPSS
Exploits0References7
VulnCheck KEV
VulnCheck KEV
added 2023/10/08 12:0 a.m.2 views

VulnCheck KEV: CVE-2022-21445

Oracle ADF Faces library, included with Oracle JDeveloper Distribution, contains a deserialization of untrusted data vulnerability leading to unauthenticated remote code execution...

9.8CVSS7.2AI score0.62478EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2023/07/25 12:0 a.m.73 views

Oracle JDeveloper Information Disclosure (July 2023 CPU)

The version of Oracle JDeveloper installed on the remote host is missing a security patch. It is, therefore, affected by an information disclosure vulnerability as referenced in the July 2023 CPU advisory. The vulnerability is in the Oracle JDeveloper product of Oracle Fusion Middleware component...

9.8CVSS7.1AI score0.02844EPSS
Exploits1References3
Kitploit
Kitploit
added 2023/07/07 12:30 p.m.94 views

Badsecrets - A Library For Detecting Known Secrets Across Many Web Frameworks

A pure python library for identifying the use of known or very weak cryptographic secrets across a variety of platforms. The project is designed to be both a repository of various "known secrets" for example, ASP.NET machine keys found in examples in tutorials, and to provide a language-agnostic...

9.8CVSS9.8AI score0.75098EPSS
Exploits5References7
BDU FSTEC
BDU FSTEC
added 2023/05/19 12:0 a.m.7 views

The vulnerability of the getLocalePrefix function in ResourceManager.java of the Eclipse Mojarra library, as a implementation of EE4J Eclipse for the Jakarta Faces specification, allows an attacker to gain unauthorized access to protected information.

The vulnerability of the getLocalePrefix function in the ResourceManager.java file of the Eclipse Mojarra library, as a implementation of EE4J Eclipse for the Jakarta Faces specification, is related to an incorrect restriction on the path name to the restricted directory. Exploiting this...

7.8CVSS7.2AI score0.04425EPSS
Exploits0References5Affected Software4
Rows per page
Query Builder