CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2018-0709

Malware in sbrugna...

8.8CVSS8.8AI score0.00925EPSS

Exploits0References17

Github Security Blog•added 2018/10/18 4:57 p.m.•31 views

Moderate severity vulnerability that affects org.apache.cxf.fediz:fediz-spring, org.apache.cxf.fediz:fediz-spring2, and org.apache.cxf.fediz:fediz-spring3

Apache CXF Fediz ships with a number of container-specific plugins to enable WS-Federation for applications. A CSRF Cross Style Request Forgery style vulnerability has been found in the Spring 2, Spring 3 and Spring 4 plugins in versions before 1.4.3 and 1.3.3. The vulnerability can result in a...

8.8CVSS2.7AI score0.01374EPSS

Exploits3References13Affected Software3

Github Security Blog•added 2018/10/18 4:56 p.m.•29 views

Moderate severity vulnerability that affects org.apache.cxf.fediz:fediz-jetty8, org.apache.cxf.fediz:fediz-jetty9, and org.apache.cxf.fediz:fediz-spring2

Apache CXF Fediz ships with a number of container-specific plugins to enable WS-Federation for applications. A CSRF Cross Style Request Forgery style vulnerability has been found in the Spring 2, Spring 3, Jetty 8 and Jetty 9 plugins in Apache CXF Fediz prior to 1.4.0, 1.3.2 and 1.2.4...

8.8CVSS2AI score0.00925EPSS

Exploits0References10Affected Software3

OSV•added 2017/11/30 2:29 p.m.•25 views

CVE-2017-12631

8.8CVSS6.9AI score0.01374EPSS

Exploits3References9

Prion•added 2017/11/30 2:29 p.m.•14 views

Cross site request forgery (csrf)

6.8CVSS8.6AI score0.01374EPSS

Exploits3References9Affected Software1

NVD•added 2017/11/30 2:29 p.m.•8 views

CVE-2017-12631

8.8CVSS8.7AI score0.01374EPSS

Exploits3References9

Cvelist•added 2017/11/30 2:0 p.m.•15 views

CVE-2017-12631

8.7AI score0.01374EPSS

Exploits3References9

CVE•added 2017/11/30 2:0 p.m.•73 views

CVE-2017-12631

CVE-2017-12631 affects Apache CXF Fediz WS-Federation plugins (Spring 2, 3, 4). The root cause is a CSRF vulnerability that can cause a security context to be established using a malicious client’s roles for the end user. Affected components are the Fediz Spring plugins in versions before 1.4.3 a...

8.8CVSS8.6AI score0.01374EPSS

Exploits3References9Affected Software1

Prion•added 2017/05/16 5:29 p.m.•10 views

Cross site request forgery (csrf)

Apache CXF Fediz ships with a number of container-specific plugins to enable WS-Federation for applications. A CSRF Cross Style Request Forgery style vulnerability has been found in the Spring 2, Spring 3, Jetty 8 and Jetty 9 plugins in Apache CXF Fediz prior to 1.4.0, 1.3.2 and 1.2.4...

6.8CVSS8.6AI score0.00925EPSS

Exploits0References8Affected Software1

NVD•added 2017/05/16 5:29 p.m.•8 views

CVE-2017-7661

Apache CXF Fediz ships with a number of container-specific plugins to enable WS-Federation for applications. A CSRF Cross Style Request Forgery style vulnerability has been found in the Spring 2, Spring 3, Jetty 8 and Jetty 9 plugins in Apache CXF Fediz prior to 1.4.0, 1.3.2 and 1.2.4...

8.8CVSS8.6AI score0.00925EPSS

Exploits0References8

Cvelist•added 2017/05/16 5:0 p.m.•18 views

CVE-2017-7661

Apache CXF Fediz ships with a number of container-specific plugins to enable WS-Federation for applications. A CSRF Cross Style Request Forgery style vulnerability has been found in the Spring 2, Spring 3, Jetty 8 and Jetty 9 plugins in Apache CXF Fediz prior to 1.4.0, 1.3.2 and 1.2.4...

8.7AI score0.00925EPSS

Exploits0References8

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by