Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.24 views

EUVD-2022-5742

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.07958EPSS
Exploits1References15
Tenable Nessus
Tenable Nessus
added 2017/07/21 12:0 a.m.84 views

Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (July 2017 CPU)

According to its self-reported version number, the Oracle Primavera P6 Enterprise Project Portfolio Management EPPM installation running on the remote web server is 8.3.x prior to 8.3.15.4, 8.4.x prior to 8.4.15.2, 15.x prior to 15.2.15.1, or 16.x prior to 16.2.9.0. It is, therefore, affected by...

9.8CVSS6.5AI score0.07958EPSS
Exploits5References6
Tenable Nessus
Tenable Nessus
added 2017/01/25 12:0 a.m.49 views

Oracle Enterprise Manager Cloud Control Multiple Vulnerabilities (January 2017 CPU)

The version of Oracle Enterprise Manager Cloud Control installed on the remote host is affected by multiple vulnerabilities in the Enterprise Manager Base Platform component : - A flaw exists in the Bouncy Castle Java library due to improper validation of a point within the elliptic curve. An...

9.8CVSS7.9AI score0.07958EPSS
Exploits1References3
NVD
NVD
added 2016/10/03 6:59 p.m.25 views

CVE-2016-5019

CoreResponseStateManager in Apache MyFaces Trinidad 1.0.0 through 1.0.13, 1.2.x before 1.2.15, 2.0.x before 2.0.2, and 2.1.x before 2.1.2 might allow attackers to conduct deserialization attacks via a crafted serialized view state string...

9.8CVSS9.2AI score0.07958EPSS
Exploits1References13
Cvelist
Cvelist
added 2016/10/03 6:0 p.m.36 views

CVE-2016-5019

CoreResponseStateManager in Apache MyFaces Trinidad 1.0.0 through 1.0.13, 1.2.x before 1.2.15, 2.0.x before 2.0.2, and 2.1.x before 2.1.2 might allow attackers to conduct deserialization attacks via a crafted serialized view state string...

9.2AI score0.07958EPSS
Exploits1References13
Prion
Prion
added 2010/05/27 7:0 p.m.17 views

Cross site scripting

Oracle Mojarra 1.214 and 2.0.2, as used in IBM WebSphere Application Server, Caucho Resin, and other applications, does not properly handle an unencrypted view state, which allows remote attackers to conduct cross-site scripting XSS attacks or execute arbitrary Expression Language EL statements v...

4.3CVSS6AI score0.01502EPSS
Exploits2References2Affected Software1
RedHat Linux
RedHat Linux
added 2010/02/23 8:20 p.m.4 views

MyFaces: XSS via state view

JBoss Enterprise Web Server 1.0.0 ships with Apache MyFaces 1.1.0. Apache MyFaces 1.1.0 does not support encrypted view state. When the application's view state is not encrypted, it is possible for an attacker to supply a new or modified view object as part of a request. This allows remote...

4CVSS5.9AI score0.02118EPSS
Exploits1References4
Rows per page
Query Builder