CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

142 matches found

Eclipse Mojarra - Local File Read

Directory traversal in Eclipse Mojarra before 2.3.14 allows attackers to read arbitrary files via the loc parameter or con parameter. id: CVE-2020-6950 info: name: Eclipse Mojarra - Local File Read author: iamnoooob,pdresearch severity: medium description: | Directory traversal in Eclipse Mojarra...

6.5CVSS7AI score0.51657EPSS

Exploits0References5

Tenable Nessus•added 2026/05/22 12:0 a.m.•3 views

Unity Linux 20.1070e Security Update: mojarra (UTSA-2026-016756)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016756 advisory. Directory traversal in Eclipse Mojarra before 2.3.14 allows attackers to read arbitrary files via the loc parameter or con parameter. Tenable has extracted the...

6.5CVSS7AI score0.51657EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2010-2104

Malware in sbrugna...

4.3CVSS6.2AI score0.0025EPSS

Exploits2References3

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2010-3983

Malware in sbrugna...

5CVSS6.4AI score0.00328EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2012-2654

Malware in sbrugna...

2.1CVSS6.1AI score0.00057EPSS

Exploits1References14

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2022-2283

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.01625EPSS

Exploits0References12

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-2207

Malicious code in bioql PyPI...

4.3CVSS7.6AI score0.02316EPSS

Exploits0References21

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-5190

Malicious code in bioql PyPI...

6.1CVSS6.9AI score0.05622EPSS

Exploits1References18

Tenable Nessus•added 2025/08/24 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2010-2087

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Oracle Mojarra 1.214 and 2.0.2, as used in IBM WebSphere Application Server, Caucho Resin, and other applications, does not properly handle an unencrypted view...

4.3CVSS5.8AI score0.0025EPSS

Exploits2References2

Tenable Nessus•added 2025/08/20 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2018-14371

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The getLocalePrefix function in ResourceManager.java in Eclipse Mojarra before 2.3.7 is affected by Directory Traversal via the loc parameter. A remote attacker...

7.5CVSS7.2AI score0.01625EPSS

Exploits0References2

RedhatCVE•added 2025/05/22 10:2 a.m.•8 views

CVE-2019-17091

faces/context/PartialViewContextImpl.java in Eclipse Mojarra, as used in Mojarra for Eclipse EE4J before 2.3.10 and Mojarra JavaServer Faces before 2.2.20, allows Reflected XSS because a client window field is mishandled...

6.1CVSS6AI score0.05622EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 2:2 a.m.•6 views

CVE-2010-4007

Oracle Mojarra uses an encrypted View State without a Message Authentication Code MAC, which makes it easier for remote attackers to perform successful modifications of the View State via a padding oracle attack, a related issue to CVE-2010-2057...

5CVSS6.9AI score0.01039EPSS

Exploits0References1

Zero Day Initiative•added 2025/01/19 12:0 a.m.•10 views

Ivanti Avalanche Faces ResourceManager Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Ivanti Avalanche. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Faces Mojarra component. The issue results from the use of a vulnerable...

7.5CVSS6.1AI score0.32995EPSS

Exploits0References1

Zero Day Initiative•added 2024/10/08 12:0 a.m.•10 views

Ivanti Avalanche Faces ResourceManager Information Disclosure Vulnerability

7.5CVSS6AI score0.53191EPSS

Exploits0References1

Positive Technologies•added 2024/04/17 12:0 a.m.•3 views

PT-2024-6875

Name of the Vulnerable Software and Affected Versions Ivanti Avalanche versions prior to 6.4.5 Description The issue is a path traversal affecting the Faces Mojarra component within Ivanti Avalanche. This allows a remote, unauthenticated attacker to potentially reveal sensitive information. The...

7.8CVSS6.5AI score0.53191EPSS

Exploits0References12

F5 Networks•added 2023/05/09 2:20 a.m.•35 views

K000134517: Eclipse vulnerability CVE-2020-6950

Security Advisory Description Directory traversal in Eclipse Mojarra before 2.3.14 allows attackers to read arbitrary files via the loc parameter or con parameter. CVE-2020-6950 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product...

6.5CVSS7.1AI score0.51657EPSS

Exploits0

OSV•added 2022/05/24 4:57 p.m.•1 views

GHSA-RJHX-C9QH-QH8F Cross-site Scripting in Eclipse Mojarra

faces/context/PartialViewContextImpl.java in Eclipse Mojarra, as used in Mojarra for Eclipse EE4J before 2.3.10 and Mojarra JavaServer Faces, allows Reflected XSS because a client window field is mishandled...

6.1CVSS6.9AI score0.05622EPSS

Exploits1References9

Github Security Blog•added 2022/05/24 4:57 p.m.•30 views

Cross-site Scripting in Eclipse Mojarra

6.1CVSS1.8AI score0.05622EPSS

Exploits1References10Affected Software2

Github Security Blog•added 2022/05/17 3:13 a.m.•41 views

Path Traversal in Eclipse Mojarra

Multiple path traversal flaws where found in Mojarra JSF2 implementation for identifying resources by name or from libraries. An unauthenticated remote attacker can use these flaws to gather otherwise undisclosed information from within an application's root...

5CVSS3.7AI score0.86817EPSS

Exploits0References5Affected Software1

OSV•added 2022/05/17 3:13 a.m.•0 views

GHSA-Q388-J7CW-FF7W Path Traversal in Eclipse Mojarra

5CVSS5.9AI score0.86817EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by