Lucene search
K

27 matches found

CVE
CVE
added 2017/11/30 6:0 p.m.70 views

CVE-2017-14868

CVE-2017-14868 affects Restlet Framework before 2.3.11 when using SimpleXMLProvider, enabling an XXE in a REST API HTTP request that can disclose arbitrary files. The issue specifically impacts the Jax-rs extension and is described across multiple sources as a file disclosure via external entity ...

7.5CVSS7.4AI score0.02518EPSS
Exploits0References3Affected Software1
Zero Science Lab
Zero Science Lab
added 2017/05/03 12:0 a.m.85 views

Serviio PRO 1.8 DLNA Media Streaming Server REST API Information Disclosure

Summary Serviio is a free media server. It allows you to stream your media files music, video or images to renderer devices e.g. a TV set, Bluray player, games console or mobile phone on your connected home network. Description The version of Serviio installed on the remote Windows/Linux host is...

8.7CVSS5.8AI score0.00661EPSS
Exploits1
NVD
NVD
added 2014/10/06 11:55 p.m.24 views

CVE-2014-1868

Restlet Framework 2.1.x before 2.1.7 and 2.x.x before 2.2 RC1, when using XMLRepresentation or XML serializers, allows attackers to cause a denial of service via an XML Entity Expansion XEE attack...

5CVSS6.5AI score0.01336EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2014/10/06 11:55 p.m.36 views

CVE-2014-1868

Restlet Framework 2.1.x before 2.1.7 and 2.x.x before 2.2 RC1, when using XMLRepresentation or XML serializers, allows attackers to cause a denial of service via an XML Entity Expansion XEE attack...

5CVSS5.9AI score0.01336EPSS
Exploits0References2
OSV
OSV
added 2014/10/06 11:55 p.m.5 views

UBUNTU-CVE-2014-1868

Restlet Framework 2.1.x before 2.1.7 and 2.x.x before 2.2 RC1, when using XMLRepresentation or XML serializers, allows attackers to cause a denial of service via an XML Entity Expansion XEE attack...

5CVSS5.8AI score0.01336EPSS
Exploits0References3
Cvelist
Cvelist
added 2014/10/06 11:0 p.m.26 views

CVE-2014-1868

Restlet Framework 2.1.x before 2.1.7 and 2.x.x before 2.2 RC1, when using XMLRepresentation or XML serializers, allows attackers to cause a denial of service via an XML Entity Expansion XEE attack...

6.5AI score0.01336EPSS
Exploits0References3
CVE
CVE
added 2014/10/06 11:0 p.m.65 views

CVE-2014-1868

The affected software is Restlet Framework, specifically version 2.1.x before 2.1.7 and 2.x.x before 2.2 RC1. The root cause is processing XML with XMLRepresentation or XML serializers that allows an XML Entity Expansion (XEE) attack, leading to denial of service. No exploit details are provided....

5CVSS6.7AI score0.01336EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder