Lucene search

49 matches found

Cvelist
added 2012/11/23 8:0 p.m., 39 views

CVE-2011-5245

The readFrom function in providers.jaxb.JAXBXmlTypeProvider in RESTEasy before 2.3.2 allows remote attackers to read arbitrary files via an external entity reference in a Java Architecture for XML Binding (JAXB) input, aka an XML external entity (XXE) injection attack, a similar vulnerability to...

AI score 6.7, EPSS 0.03213
Exploits 0, References 19

CVE
added 2012/11/23 8:0 p.m., 103 views

CVE-2011-5245

CVE-2011-5245 affects RESTEasy (JBoss REST framework). The vulnerability arises in the readFrom function of providers.jaxb.JAXBXmlTypeProvider, allowing an XML External Entity (XXE) injection that lets an attacker read arbitrary files via an external entity reference in JAXB input. Affected versi...

CVSS 5, AI score 9.2, EPSS 0.03213
Exploits 0, References 19, Affected Software 1

RedHat Linux
added 2012/07/05 7:20 p.m., 3 views

RESTEasy: XML eXternal Entity (XXE) flaw

The readFrom function in providers.jaxb.JAXBXmlTypeProvider in RESTEasy before 2.3.2 allows remote attackers to read arbitrary files via an external entity reference in a Java Architecture for XML Binding (JAXB) input, aka an XML external entity (XXE) injection attack, a similar vulnerability to...

CVSS 5, AI score 7.5, EPSS 0.03213
Exploits 0, References 4

RedHat Linux
added 2012/04/25 2:3 a.m., 4 views

RESTEasy: XML eXternal Entity (XXE) flaw

The readFrom function in providers.jaxb.JAXBXmlTypeProvider in RESTEasy before 2.3.2 allows remote attackers to read arbitrary files via an external entity reference in a Java Architecture for XML Binding (JAXB) input, aka an XML external entity (XXE) injection attack, a similar vulnerability to...

CVSS 5, AI score 7.5, EPSS 0.03213
Exploits 0, References 4

RedHat Linux
added 2012/04/02 8:5 p.m., 5 views

RESTEasy: XML eXternal Entity (XXE) flaw

The readFrom function in providers.jaxb.JAXBXmlTypeProvider in RESTEasy before 2.3.2 allows remote attackers to read arbitrary files via an external entity reference in a Java Architecture for XML Binding (JAXB) input, aka an XML external entity (XXE) injection attack, a similar vulnerability to...

CVSS 5, AI score 7.5, EPSS 0.03213
Exploits 0, References 4

RedHat Linux
added 2009/01/13 9:33 p.m., 4 views

OpenJDK applet privilege escalation via JAX package access (6592792)

Multiple unspecified vulnerabilities in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier allow untrusted applets and applications to gain privileges via vectors related to access to inner classes in the (1) JAX-WS and (2) JAXB packages...

CVSS 7.5, AI score 7.2, EPSS 0.03426
Exploits 1, References 4

RedHat Linux
added 2006/07/20 1:41 p.m., 2 views

security flaw

Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) nested tags in a select tag, (2) a DOMNodeRemoved mutation event, (3) "Content-implemented tree views," (4) BoxObjects, (5) the XBL implementation, (6) an ifram...

CVSS 9.3, AI score 6.2, EPSS 0.0696
Exploits 0, References 4

RedHat Linux
added 2006/04/21 3:41 p.m., 3 views

security flaw

Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using an eval in an XBL method binding (XBL.method.eval) to create JavaScript functions that are compiled with extra...

CVSS 9.3, AI score 6.2, EPSS 0.08979
Exploits 1, References 4

RedHat Linux
added 2005/09/22 8:36 p.m., 4 views

security flaw

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to spoof DOM objects via an XBL control that implements an internal XPCOM interface...

CVSS 5, AI score 5.9, EPSS 0.01818
Exploits 0, References 4