CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

914 matches found

Snyk•added 2025/11/20 2:41 a.m.•5 views

Directory Traversal

Overview cn.dreampie:resty-httpclient is a Resty java httpClient Affected versions of this package are vulnerable to Directory Traversal via the Request function. An attacker can access or modify files outside the intended directory by supplying crafted input to the filename argument. Details A...

8.1CVSS7.5AI score0.00644EPSS

Exploits1References2

Vulnrichment•added 2025/11/20 1:32 a.m.•5 views

CVE-2025-13435 Dreampie Resty HttpClient HttpClient.java request path traversal

A security vulnerability has been detected in Dreampie Resty up to 1.3.1.SNAPSHOT. This affects the function Request of the file /resty-httpclient/src/main/java/cn/dreampie/client/HttpClient.java of the component HttpClient Module. Such manipulation of the argument filename leads to path traversa...

6.3CVSS5.5AI score0.00644EPSS

Exploits1References4

Positive Technologies•added 2025/11/20 12:0 a.m.•5 views

PT-2025-47547

Name of the Vulnerable Software and Affected Versions Dreampie Resty versions up to 1.3.1.SNAPSHOT Description A security issue exists in Dreampie Resty. Manipulation of the filename argument within the Request function, located in the file...

6.3CVSS5.2AI score0.00644EPSS

Exploits1References11

Tenable Nessus•added 2025/10/24 12:0 a.m.•6 views

Oracle Siebel Server prior to 25.7 (October 2025 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2025 CPU advisory. - An excessive memory use issue CWE-770 exists in Email-MIME, before version 1.954, which can cause denial of service when parsing multipart MIME...

7.8CVSS7AI score0.53861EPSS

Exploits4References9

IBM Security Bulletins•added 2025/10/10 6:34 a.m.•6 views

Security Bulletin: IBM Engineering Lifecycle Optimization - Publishing - Apache Commons HttpClient before 4.2.3 allows man-in-the-middle attack

Summary Apache Commons HttpClient before 4.2.3 allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. Following IBM® Engineering Lifecycle Management product is vulnerable to this attack, it has been addressed in this bulletin: IBM Engineering Lifecycle...

5.8CVSS6.7AI score0.09254EPSS

Exploits0Affected Software1