CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

OSV•added 2026/01/09 7:16 a.m.•4 views

CVE-2025-70974

Fastjson before 1.2.48 mishandles autoType because, when an @type key is in a JSON document, and the value of that key is the name of a Java class, there may be calls to certain public methods of that class. Depending on the behavior of those methods, there may be JNDI injection with an...

10CVSS7AI score

Exploits0References7

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2013-0663

Malware in sbrugna...

5CVSS6.4AI score0.00298EPSS

Exploits0References2

CVE•added 2005/11/22 9:0 p.m.•54 views

CVE-2005-3757

The CVE-2005-3757 issue affects the Saxon XSLT parser used by Google Mini Search Appliance (and possibly Google Search Appliance). The vulnerability arises from dangerous Java methods (system-property, sys:getProperty, run:exec) in the select attribute of xsl:value-of in XSLT style sheets, enabli...

7.5CVSS7.4AI score0.75746EPSS

Exploits4References7Affected Software2

Cvelist•added 2005/11/22 9:0 p.m.•21 views

CVE-2005-3757

The Saxon XSLT parser in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to obtain sensitive information and execute arbitrary code via dangerous Java class methods in select attribute of xsl:value-of tags in XSLT style sheets, such as 1 system-property...

7.3AI score0.75746EPSS

Exploits4References7