Lucene search
K

318 matches found

BDU FSTEC
BDU FSTEC
added 2016/04/25 12:0 a.m.5 views

The vulnerability of the SAP NetWeaver software integration platform allows attackers to obtain confidential information, enhance their privileges, or carry out other malicious actions.

The vulnerability of the XML Data Archiving Service component of the SAP NetWeaver software integration platform is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to obtain confidential information, enhance their privileges, or cause other adverse...

6.5CVSS7.6AI score0.01315EPSS
Exploits0References3
OSV
OSV
added 2016/04/22 10:59 a.m.3 views

CVE-2016-1593

Directory traversal vulnerability in the import users feature in Micro Focus Novell Service Desk before 7.2 allows remote authenticated administrators to upload and execute arbitrary JSP files via a .. dot dot in a filename within a multipart/form-data POST request to a LiveTime.woa URL...

7.2CVSS6AI score0.64142EPSS
Exploits7References8
OSV
OSV
added 2016/04/08 2:59 p.m.7 views

CVE-2016-3980

The Java Startup Framework aka jstart in SAP JAVA AS 7.2 through 7.4 allows remote attackers to cause a denial of service process crash via a crafted HTTP request, aka SAP Security Note 2259547...

7.5CVSS5.8AI score0.07075EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2015/11/20 12:0 a.m.7 views

The vulnerability of the WildFly application server and the JBoss Enterprise Application Platform, which allows a hacker to induce a service failure.

The vulnerability of the Java server consoles of WildFly and the JBoss Enterprise Application Platform lies in buffer overflows. Exploiting this vulnerability allows a malicious actor to cause a service failure by creating a request with an excessively long header...

5CVSS7.9AI score0.02978EPSS
Exploits0References13Affected Software1
OSV
OSV
added 2015/11/07 8:11 p.m.12 views

MGASA-2015-0436 Updated krb5 packages fix security vulnerabilities

Updated krb5 packages fix security vulnerabilities: In MIT krb5 1.5 and later, applications which call gssinquirecontext on a partially-established SPNEGO context can cause the GSS-API library to read from a pointer using the wrong type, generally causing a process crash. This bug may go unnotice...

7.1CVSS9.2AI score0.06243EPSS
Exploits0References3
Mageia
Mageia
added 2015/11/07 8:11 p.m.45 views

Updated krb5 packages fix security vulnerabilities

Updated krb5 packages fix security vulnerabilities: In MIT krb5 1.5 and later, applications which call gssinquirecontext on a partially-established SPNEGO context can cause the GSS-API library to read from a pointer using the wrong type, generally causing a process crash. This bug may go unnotice...

7.1CVSS7.7AI score0.06243EPSS
Exploits0References2
CNVD
CNVD
added 2015/10/30 12:0 a.m.4 views

Infinite Automation Mango Automation File Upload Vulnerability

Infinite Automation Mango Automation is the United States Infinite Automation Systems, Inc. of a set of open source Web-based SCADA data acquisition and supervisory control, HMI and automation software. Infinite Automation Mango Automation 2.5.x and 2.6.x prior to 2.6.0, version 2.6.x, build 430,...

6.5CVSS7.7AI score0.02783EPSS
Exploits1References1
Cent OS
Cent OS
added 2015/09/01 3:35 p.m.71 views

jakarta security update

CentOS Errata and Security Advisory CESA-2015:1695 Updated jakarta-taglibs-standard packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring Syste...

7.5CVSS7AI score0.1326EPSS
Exploits0References7
CNVD
CNVD
added 2015/08/13 12:0 a.m.3 views

Red Hat JBoss Portal PortletBridge PortletRequestDispatcher Code Injection Vulnerability

Red Hat JBoss Portal is the United States Red Hat Red Hat a set of open source and standards-compliant portal platform , it can build , layout of a portal Web interface for publishing , managing content and customizing the user experience . PortletBridge is a JSR-301 and JSR 329 draft...

5.8CVSS7AI score0.01648EPSS
Exploits0References1
NVD
NVD
added 2015/07/16 11:0 a.m.30 views

CVE-2015-4744

Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2; and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, 12.1.2.0, and 12.1.3.0 allows remote attackers to affect integrity via unknown vectors...

2.6CVSS5.7AI score0.01792EPSS
Exploits0References2
Prion
Prion
added 2015/07/16 11:0 a.m.33 views

Buffer overflow

Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2; and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, 12.1.2.0, and 12.1.3.0 allows remote attackers to affect integrity via unknown vectors...

2.6CVSS6.3AI score0.01792EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2015/07/16 10:59 a.m.29 views

CVE-2015-2623

Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1 and 3.1.2, and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, 12.1.2.0, and 12.1.3.0, allows remote attackers to affect integrity via unknown vectors related ...

4.3CVSS5.7AI score0.01607EPSS
Exploits0References2
Prion
Prion
added 2015/07/16 10:59 a.m.18 views

Buffer overflow

Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1 and 3.1.2, and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, 12.1.2.0, and 12.1.3.0, allows remote attackers to affect integrity via unknown vectors related ...

4.3CVSS6.3AI score0.01607EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2015/07/16 10:0 a.m.26 views

CVE-2015-2623

Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1 and 3.1.2, and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, 12.1.2.0, and 12.1.3.0, allows remote attackers to affect integrity via unknown vectors related ...

5.7AI score0.01607EPSS
Exploits0References2
CVE
CVE
added 2015/07/16 10:0 a.m.91 views

CVE-2015-4744

Technical details about CVE-2015-4744 are not provided in the supplied documents; no explicit affected products/versions or impact are disclosed. Monitor for updates.

2.6CVSS5.8AI score0.01792EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2015/07/16 10:0 a.m.33 views

CVE-2015-4744

Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2; and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, 12.1.2.0, and 12.1.3.0 allows remote attackers to affect integrity via unknown vectors...

5.7AI score0.01792EPSS
Exploits0References2
CVE
CVE
added 2015/07/16 10:0 a.m.108 views

CVE-2015-2623

The CVE-2015-2623 entry affects Oracle Fusion Middleware components: Oracle GlassFish Server (3.0.1, 3.1.2) and Oracle WebLogic Server (Fusion Middleware 10.3.6.0, 12.1.1.0, 12.1.2.0, 12.1.3.0). The underlying issue is related to JavaServer Faces, with remote attackers able to impact integrity vi...

4.3CVSS5.8AI score0.01607EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2015/07/16 10:0 a.m.24 views

CVE-2015-2623

Removed by vendor...

4.3CVSS6.5AI score0.01607EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/07/16 12:0 a.m.43 views

Oracle GlassFish Server Multiple Vulnerabilities (July 2015 CPU)

The version of Oracle GlassFish Server running on the remote host is affected by multiple vulnerabilities : - A security bypass vulnerability exists in the bundled Network Security Services NSS library because the definitelengthdecoder function, in file quickder.c, does not properly form the DER...

7.5CVSS7.9AI score0.03182EPSS
Exploits4References4
CNVD
CNVD
added 2015/06/03 12:0 a.m.3 views

SAP ABAP & Java Server Denial of Service Vulnerability

SAP ABAP & Java Server is a German SAP SAP company running in NetWeaver for SAP applications to provide a development and runtime environment for the application platform and based on the ABAP high-level programming language and Java programming language application server. A security vulnerabili...

5CVSS6.6AI score0.01812EPSS
Exploits1References1
Rows per page
Query Builder