Lucene search

46 matches found

Japan Vulnerability Notes
added 2014/11/14 12:0 a.m. | 70 views

JVN#91502163: Direct Web Remoting (DWR) vulnerable to XML external entity injection

Direct Web Remoting (DWR) is a Java framework for developing Ajax into web applications. DWR contains an XML external entity injection vulnerability (CWE-611). Impact: When an application uses a function to convert DOM data (DOMConverter, JDOMConverter, DOM4JConverter or XOMConverter) and a specially...

CVSS 5 | AI score 6.6 | EPSS 0.00394
Exploits 0
securityvulns
added 2014/05/07 12:0 a.m. | 59 views

[ANN] Struts 2.3.16.3 GA release available - security fix

The Apache Struts group is pleased to announce that Struts 2.3.16.3 is available as a "General Availability" release. The GA designation is our highest quality grade. Apache Struts 2 is an elegant, extensible framework for creating enterprise-ready Java web applications. The framework is designed ...

AI score 7.3
Exploits 0
Tenable Nessus
added 2013/06/19 12:0 a.m. | 521 views

Apache Struts 2 OGNL Expression Handling Double Evaluation Error Remote Command Execution

The remote web application appears to use Struts 2, a web framework that utilizes OGNL (Object-Graph Navigation Language) as an expression language. Due to a flaw in the evaluation of an OGNL expression, a remote, unauthenticated attacker can exploit this issue to execute arbitrary commands on the...

CVSS 9.3 | AI score 8.3 | EPSS 0.90936
Exploits 1 | References 4
Tenable Nessus
added 2013/01/24 12:0 a.m. | 24 views

RHEL 4 / 5 : jboss-seam2 (RHSA-2011:0950)

Updated jboss-seam2 packages that fix one security issue are now available for JBoss Enterprise Application Platform 4.3 for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS...

CVSS 6.8 | AI score 5.8 | EPSS 0.01215
Exploits 0 | References 3
securityvulns
added 2012/01/09 12:0 a.m. | 68 views

SEC Consult SA-20120104-0 :: Multiple critical vulnerabilities in Apache Struts2

SEC Consult Vulnerability Lab Security Advisory 20120104-0. title: Multiple critical vulnerabilities in Apache Struts2; product: Apache Struts2 OpenSymphony XWork OpenSymphony OGNL; vulnerable version: 2.3.1 and below; fixed...

AI score 1.2
Exploits 0
Tenable Nessus
added 2008/11/24 12:0 a.m. | 246 views

Apache Struts 2 devMode Information Disclosure

The remote web server is using Apache Struts 2, a web application framework for developing Java EE web applications. The version of Apache Struts 2 installed on the remote host is configured to operate in development mode (devMode). While this environment can help speed up development of web...

AI score 5.6
Exploits 0 | References 2