Lucene search

7 matches found

Friends Of PHP
added 2023/11/22 12:0 a.m., 23 views

Potential URI resolution path traversal in the AWS SDK for PHP

More info at https://nvd.nist.gov/vuln/detail/CVE-2023-51651...

CVSS 6 | AI score 7.2 | EPSS 0.0011
Exploits 0 | Affected Software 1
Vulnrichment
added 2022/07/27 8:20 p.m., 6 views

CVE-2021-42537 VISAM VBASE Editor Improper Restriction of XML

VISAM VBASE version 11.6.0.6 processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output...

CVSS 5.9 | AI score 7.6 | EPSS 0.00189
Exploits 0 | References 1
Ubuntu
added 2022/03/29 10:6 a.m., 126 views

USN-5313-2: OpenJDK 11 regression

USN-5313-1 fixed vulnerabilities and added features in OpenJDK. Unfortunately, that update introduced a regression in OpenJDK 11 that could impact interoperability with some popular HTTP/2 servers, making it unable to connect to said servers. This update fixes the problem. We apologize for the...

AI score 6.3
Exploits 0 | References 1
OSV
added 2022/03/16 9:36 a.m., 9 views

OPENSUSE-SU-2022:0873-1 Security update for java-1_8_0-openjdk

This update for java-1_8_0-openjdk fixes the following issues: Update to version jdk8u322 icedtea-3.22.0 Including the following security fixes: - CVE-2022-21248, bsc1194926: Enhance cross VM serialization - CVE-2022-21283, bsc1194937: Better String matching - CVE-2022-21293, bsc1194935: Improve...

CVSS 5.3 | AI score 5.3 | EPSS 0.05612
Exploits 0 | References 30
OSV
added 2022/03/16 9:34 a.m., 8 views

SUSE-SU-2022:0871-1 Security update for java-1_8_0-openjdk

This update for java-1_8_0-openjdk fixes the following issues: Update to version jdk8u322 icedtea-3.22.0 Including the following security fixes: - CVE-2022-21248, bsc1194926: Enhance cross VM serialization - CVE-2022-21283, bsc1194937: Better String matching - CVE-2022-21293, bsc1194935: Improve...

CVSS 5.3 | AI score 5.4 | EPSS 0.05612
Exploits 0 | References 30
OSV
added 2017/05/25 5:29 p.m., 1 views

DEBIAN-CVE-2014-0225

When processing user-provided XML documents, the Spring Framework 4.0.0 to 4.0.4, 3.0.0 to 3.2.8, and possibly earlier unsupported versions did not disable by default the resolution of URI references in a DTD declaration. This enabled an XXE attack...

CVSS 8.8 | AI score 8 | EPSS 0.00236
Exploits 0 | References 1
OSV
added 2015/05/11 8:10 p.m., 4 views

MGASA-2015-0211 Updated springframework packages fix CVE-2014-0225

Updated springframework packages fix security vulnerabilities: When processing user-provided XML documents, the Spring Framework did not disable by default the resolution of URI references in a DTD declaration. By observing differences in response times, an attacker could then identify valid IP...

CVSS 8.8 | AI score 8.7 | EPSS 0.00236
Exploits 0 | References 3