Lucene search
K

5 matches found

CVE
CVE
added 2014/12/11 11:0 a.m.38 views

CVE-2014-6114

The CVE-2014-6114 issue affects IBM WebSphere ENTERPRISE products in the IBM ODM/Rules stack: Hosted Transparent Decision Service in Rule Execution Server, impacting WebSphere ILOG JRules 7.1 (before MP1 FP5 IF43); WebSphere ODM 7.5 (before FP3 IF41); ODM 8.0 (before MP1 FP2 IF34); ODM 8.5 (befor...

5CVSS6.9AI score0.02166EPSS
Exploits0References2Affected Software3
Cvelist
Cvelist
added 2014/11/04 8:0 p.m.18 views

CVE-2014-8474

CA Cloud Service Management CSM before Summer 2014 allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service CPU and memory consumption via an XML document containing an external entity declaration in conjunction with an entity reference...

6.9AI score0.02537EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2014/07/24 12:0 a.m.43 views

FreeBSD : tomcat -- multiple vulnerabilities (81fc1076-1286-11e4-bebd-000c2980a9f3)

Tomcat Security Team reports : Tomcat does not properly restrict XSLT stylesheets, which allows remote attackers to bypass security-manager restrictions and read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference,...

5CVSS6.5AI score0.2006EPSS
Exploits1References7
UbuntuCve
UbuntuCve
added 2014/01/23 9:55 p.m.41 views

CVE-2013-4152

The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, when using the JAXB marshaller, does not disable entity resolution, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via an XML external entity declaration in...

6.8CVSS7.3AI score0.26467EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2013/12/07 8:0 p.m.39 views

CVE-2013-6408

The DocumentAnalysisRequestHandler in Apache Solr before 4.3.1 does not properly use the EmptyEntityResolver, which allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Enti...

6.4CVSS6.5AI score0.114EPSS
Exploits0
Rows per page
Query Builder