CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

IBM Security Bulletins•added 2018/10/04 4:10 a.m.•21 views

Security Bulletin: IBM Tivoli Netcool Impact is affected by an Apache Derby vulnerability (CVE-2018-1313)

5.3CVSS1.2AI score0.00772EPSS

OPENSUSE Linux•added 2018/06/16 3:8 p.m.•97 views

Security update for java-1_8_0-openjdk (important)

This update for java-180-openjdk to version 8u171 fixes the following issues: These security issues were fixed: - S8180881: Better packaging of deserialization - S8182362: Update CipherOutputStream Usage - S8183032: Upgrade to LittleCMS 2.9 - S8189123: More consistent classloading - S8189969,...

5.1CVSS0.3AI score0.00693EPSS

Exploits0References11

IBM Security Bulletins•added 2018/06/15 7:3 a.m.•22 views

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Operational Decision Manager (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM Operational Decision Manager. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to...

4.3CVSS0.5AI score0.92346EPSS

IBM Security Bulletins•added 2018/06/15 7:2 a.m.•25 views

Security Bulletin: Vulnerability in RC4 stream cipher affects WebSphere eXtreme Scale (CVE-2015-2808)

Summary The RC4 “Bar Mitzvah” Attack for SSL/TLS affects WebSphere eXtreme Scale version 7.1.0, 7.1.1, 8.5, and 8.6. Vulnerability Details CVEID: CVE-2015-2808 DESCRIPTION: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive...

5CVSS0.1AI score0.23356EPSS

myhack58•added 2018/05/28 12:0 a.m.•12 views

See how do I find the value of 3 thousand 6 thousand USD Google RCE vulnerability-vulnerability warning-the black bar safety net

! This article tells the story of the Uruguayan public University, 18-year-old student Ezequiel Pereira found Google highest level RCE vulnerability-related process. In the beginning of the year, Ezequiel found Google Google App Engine GAEis a non-production environment of a vulnerability, exploi...

8.4AI score

Cent OS•added 2018/05/22 6:16 p.m.•150 views

java security update

CentOS Errata and Security Advisory CESA-2018:1649 An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detail...

5.5CVSS7.2AI score0.46733EPSS

Exploits2References7

pentestit•added 2018/04/06 6:5 a.m.•407 views

Apache JMeter RMI Code Execution PoC (CVE-2018-1297)

PenTestIT RSS Feed Recently, I read about a remote code execution RCE vulnerability; CVE-2018-1297, that affects yet another Apache product - JMeter. As you might know, "The Apache JMeter™ application is open source software, a 100% pure Java application designed to load test functional behavior...

7.5CVSS9.7AI score0.17994EPSS

OPENSUSE Linux•added 2018/03/15 3:7 a.m.•72 views

Security update for java-1_8_0-openjdk (important)

This update for java-180-openjdk fixes the following issues: Security issues fix in jdk8u161 icedtea 3.7.0bsc1076366: - CVE-2018-2579: Improve key keying case - CVE-2018-2582: Better interface invocations - CVE-2018-2588: Improve LDAP logins - CVE-2018-2599: Improve reliability of DNS lookups -...

5.8CVSS7.4AI score0.0052EPSS

seebug.org•added 2018/02/23 12:0 a.m.•88 views

Apache JMeter uses an unsecure RMI connection in Distributed mode

Severity: Important Vendor: The Apache Software Foundation Versions Affected: JMeter 2.X, 3.X Description 0: When using Distributed Test only RMI based, jmeter uses an unsecured RMI connection. This could allow an attacker to get Access to JMeterEngine and send unauthorized code. This only affect...

6.7AI score

Kitploit•added 2017/10/23 1:11 p.m.•19 views

Exploit Pack - Penetration Testing Framework

Exploit Pack has been designed by an experienced team of software developers and exploit writers to automate processes so penetration testers can focus on what's really important. The threat. This blend of software engineers and subject matter experts provides an unique advantage by combining...

7.2AI score

RedhatCVE•added 2017/09/01 10:18 a.m.•37 views

CVE-2017-14063

Async Http Client aka async-http-client before 2.0.35 can be tricked into connecting to a host different from the one extracted by java.net.URI if a '?' character occurs in a fragment identifier. Similar bugs were previously identified in cURL CVE-2016-8624 and Oracle Java 8 java.net.URL...

7.5CVSS2AI score0.02826EPSS

NVD•added 2017/08/31 4:29 p.m.•20 views

CVE-2017-14063

7.5CVSS6.5AI score0.02826EPSS

Exploits0References28

OSV•added 2017/08/31 4:29 p.m.•23 views

CVE-2017-14063

7.5CVSS6.5AI score

Exploits0References28

UbuntuCve•added 2017/08/31 4:29 p.m.•24 views

CVE-2017-14063

7.5CVSS7.1AI score0.02826EPSS

Exploits0References4

Prion•added 2017/08/31 4:29 p.m.•27 views

Design/Logic Flaw

5CVSS8.2AI score0.02826EPSS

Exploits0References28Affected Software1

Debian CVE•added 2017/08/31 4:0 p.m.•41 views

CVE-2017-14063

7.5CVSS7.5AI score0.02826EPSS

Kitploit•added 2017/08/21 10:23 p.m.•253 views

Bytecode Viewer - A Java 8 Jar & Android Apk Reverse Engineering Suite (Decompiler, Editor, Debugger & More)

Bytecode Viewer is an Advanced Lightweight Java Bytecode Viewer, GUI Java Decompiler, GUI Bytecode Editor, GUI Smali, GUI Baksmali, GUI APK Editor, GUI Dex Editor, GUI APK Decompiler, GUI DEX Decompiler, GUI Procyon Java Decompiler, GUI Krakatau, GUI CFR Java Decompiler, GUI FernFlower Java...

7.5AI score