CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

Github Security Blog•added 2022/05/13 1:8 a.m.•13 views

Nablarch Incomplete Cryptography

An incomplete cryptography of the data store function by using hidden tag in Nablarch 5 5, and 5u1 to 5u13 allows remote attackers to obtain information of the stored data, to register invalid value, or alter the value via unspecified vectors...

9.1CVSS6.5AI score0.00161EPSS

Exploits0References6Affected Software1

NVD•added 2019/03/12 10:29 p.m.•13 views

CVE-2019-5918

Nablarch 5 5, and 5u1 to 5u13 allows remote attackers to conduct XML External Entity XXE attacks via unspecified vectors...

9.1CVSS9.1AI score0.00581EPSS

Exploits0References2

Prion•added 2019/03/12 10:29 p.m.•14 views

Design/Logic Flaw

6.4CVSS8.9AI score0.00161EPSS

Exploits0References2Affected Software1

Prion•added 2019/03/12 10:29 p.m.•14 views

Xxe

Nablarch 5 5, and 5u1 to 5u13 allows remote attackers to conduct XML External Entity XXE attacks via unspecified vectors...

8.5CVSS9.1AI score0.00581EPSS

Exploits0References2Affected Software1

CVE•added 2019/03/12 9:0 p.m.•42 views

CVE-2019-5918

Affected software: Nablarch 5 (5, and 5u1 to 5u13). Vulnerability: XML External Entity (XXE) attacks due to lack of XML validation/external DTD handling (CWE-611). Impact: remote attacker could cause information leakage or system shutdown. Root cause (as stated): XXE in the generic formatter func...

9.1CVSS9.1AI score0.00581EPSS

Exploits0References2Affected Software1