CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

31 matches found

GithubExploit•added 2026/04/03 2:10 p.m.•253 views

Exploit for Server-Side Request Forgery in Apache Cxf

DevArea SOAP Exploitation Tool CVE-2022-46364 Descripti...

9.8CVSS6.7AI score0.00121EPSS

Exploits5

GithubExploit•added 2026/03/28 9:10 p.m.•174 views

Exploit for Server-Side Request Forgery in Apache Cxf

CVE-2022-46364 Exploit Apache CXF SSRF via MTOM XOP:Include |...

9.8CVSS6.6AI score0.00103EPSS

Exploits5

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-7768

Malicious code in bioql PyPI...

9.8CVSS6.2AI score0.00103EPSS

Exploits5References15

RedHat Linux•added 2024/11/25 12:12 a.m.•0 views

CXF: SSRF Vulnerability

A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type...

9.8CVSS6.8AI score0.00103EPSS

Exploits5References5

RedHat Linux•added 2024/11/25 12:12 a.m.•5 views

CXF: SSRF Vulnerability

9.8CVSS6.8AI score0.00103EPSS

Exploits5References5

RedHat Linux•added 2023/03/16 7:57 a.m.•2 views

CXF: SSRF Vulnerability

9.8CVSS6.8AI score0.00103EPSS

Exploits5References5

IBM Security Bulletins•added 2023/03/09 3:38 p.m.•36 views

Security Bulletin: IBM Liberty for Java for IBM Cloud is vulnerable to server-side request forgery due to Apache CXF (CVE-2022-46364)

Summary There is a vulnerability in the Apache CXF library used by IBM Liberty for Java for IBM Cloud with the jaxws-2.2 feature enabled. This has been addressed. Vulnerability Details CVEID:CVE-2022-46364 DESCRIPTION: Apache CXF is vulnerable to server-side request forgery, caused by a flaw in...

9.8CVSS9.3AI score0.00103EPSS

Exploits5Affected Software1

RedHat Linux•added 2023/03/01 9:58 p.m.•3 views

CXF: SSRF Vulnerability

9.8CVSS6.8AI score0.00103EPSS

Exploits5References5

RedHat Linux•added 2023/03/01 9:45 p.m.•2 views

CXF: SSRF Vulnerability

9.8CVSS6.8AI score0.00103EPSS

Exploits5References5

SUSE CVE•added 2023/02/15 5:38 a.m.•3 views

SUSE CVE-2013-2415

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows local users to affect confidentiality via vectors related to JAX-WS. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented o...

2.1CVSS6.2AI score0.00083EPSS

Exploits0References6

RedHat Linux•added 2023/01/31 1:18 p.m.•3 views

CXF: SSRF Vulnerability

9.8CVSS6.8AI score0.00103EPSS

Exploits5References5

RedHat Linux•added 2023/01/31 1:15 p.m.•3 views

CXF: SSRF Vulnerability

9.8CVSS6.8AI score0.00103EPSS

Exploits5References5

RedHat Linux•added 2023/01/26 9:55 p.m.•2 views

CXF: SSRF Vulnerability

9.8CVSS6.8AI score0.00103EPSS

Exploits5References5

RedhatCVE•added 2022/12/21 10:1 p.m.•51 views

CVE-2022-46364

9.8CVSS3.7AI score0.00103EPSS

Exploits5References4

Veracode•added 2022/12/14 2:50 a.m.•40 views

Server-side Request Forgery (SSRF)

cxf-core is vulnerable to Server-side Request Forgery SSRF. The vulnerability exists due to the lack of URL encode in MTOM content-id, which allows an attacker to perform SSRF-style attacks on web services that take at least one parameter of any type through the href attribute of XOP:Include...

9.8CVSS8.9AI score0.00103EPSS

Exploits5References4Affected Software25

OSV•added 2022/12/13 6:30 p.m.•2 views

GHSA-X3X3-QWJQ-8GJ4 Apache CXF Server-Side Request Forgery vulnerability

A SSRF vulnerability in parsing the href attribute of XOP:Include in MTOM requests in versions of Apache CXF before 3.5.5 and 3.4.10 allows an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type...

9.8CVSS6.6AI score0.00103EPSS

Exploits5References2