CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

27 matches found

Tenable Nessus•added 2026/05/22 12:0 a.m.•4 views

Unity Linux 20.1070e Security Update: wildfly-security-manager (UTSA-2026-016746)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016746 advisory. Apache Log4j2 versions 2.0-beta7 through 2.17.0 excluding security fix releases 2.3.2 and 2.12.4 are vulnerable to a remote code execution RCE attack when a...

8.5CVSS7.7AI score0.53648EPSS

Exploits9References4

RedhatCVE•added 2026/01/14 1:22 a.m.•3 views

CVE-2026-0500

Due to the usage of vulnerable third party component in SAP Wily Introscope Enterprise Manager WorkStation, an unauthenticated attacker could create a malicious JNLP Java Network Launch Protocol file accessible by a public facing URL. When a victim clicks on the URL the accessed Wily Introscope...

9.6CVSS7.1AI score0.00173EPSS

Exploits0References1

Redos•added 2025/07/31 12:0 a.m.•3 views

ROS-20250731-03

A vulnerability in the Java Protocol Buffers protobuf-java runtime library is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...

8.7CVSS7.4AI score0.00134EPSS

Exploits0

Positive Technologies•added 2022/11/11 12:0 a.m.•2 views

PT-2022-6841 · Google +1 · Protobuf-Java +1

Name of the Vulnerable Software and Affected Versions: protobuf-java versions prior to 3.21.7 protobuf-java versions prior to 3.20.3 protobuf-java versions prior to 3.19.6 protobuf-java versions prior to 3.16.3 Description: The issue is related to insufficient input validation in the Java Protoco...

7.8CVSS7.6AI score0.00058EPSS

Exploits0References17

Prion•added 2022/10/26 4:15 p.m.•18 views

Remote code execution

Apache Flume versions 1.4.0 through 1.10.1 are vulnerable to a remote code execution RCE attack when a configuration uses a JMS Source with an unsafe providerURL. This issue is fixed by limiting JNDI to allow only the use of the java protocol or no protocol...

7.5CVSS9.5AI score0.06404EPSS

Exploits0References3Affected Software1

RedhatCVE•added 2022/09/13 11:14 a.m.•33 views

CVE-2022-34916

Apache Flume versions 1.4.0 through 1.10.0 are vulnerable to a remote code execution RCE attack when a configuration uses a JMS Source with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI to allow only the use of the java...

8.1CVSS5.6AI score0.0266EPSS

Exploits0References3

Positive Technologies•added 2022/08/31 12:0 a.m.•1 views

PT-2022-13793 · Red Hat · Jboss Eap 7

Name of the Vulnerable Software and Affected Versions: Undertow affected versions not specified JBoss EAP 7 Description: A flaw was found in Undertow, where for an AJP 400 response, JBoss EAP 7 improperly sends two response packets with the reuse flag set, even though the connection is closed. Th...

7.5CVSS6.7AI score0.01193EPSS

Exploits0References13

Github Security Blog•added 2022/08/22 12:0 a.m.•35 views

Remote code execution in Apache Flume

9.8CVSS9.2AI score0.0266EPSS

Exploits0References5Affected Software1

Prion•added 2022/08/21 9:15 a.m.•17 views

Remote code execution

7.5CVSS9.5AI score0.0266EPSS

Exploits0References2Affected Software1

Github Security Blog•added 2022/06/15 12:0 a.m.•30 views

Remote Code Execution in Apache Flume

Apache Flume versions 1.4.0 through 1.9.0 are vulnerable to a remote code execution RCE attack when a configuration uses a JMS Source with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI to allow only the use of the java...

9.8CVSS5.5AI score0.05291EPSS

Exploits0References6Affected Software1

NVD•added 2022/06/14 8:15 a.m.•9 views

CVE-2022-25167

9.8CVSS0.05291EPSS

Exploits0References3

ATTACKERKB•added 2022/06/14 8:15 a.m.•2 views

CVE-2022-25167

9.8CVSS7.8AI score0.05291EPSS

Exploits0References4