Lucene search
K

44 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2024/11/22 8:17 p.m.15 views

Security Bulletin: Apache uimaj-core.jar security vulnerability CVE-2017-15691

Summary Apache uimaj-core.jar security vulnerability CVE-2017-15691 in FileNet Content Manager FNCM Content Search Services CSS/Enterprise Content Management Text Search ECMTS. CSS/ECMTS is affected and is potentially vulnerable. Vulnerability Details CVEID:CVE-2017-15691 DESCRIPTION: Apache uima...

6.5CVSS5.8AI score0.09021EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
added 2023/02/21 6:34 p.m.42 views

K12487579: Apache vulnerabilities CVE-2018-1282, CVE-2018-1284, CVE-2018-1295, CVE-2018-1308, and CVE-2018-1315

Security Advisory Description CVE-2018-1282 This vulnerability in Apache Hive JDBC driver 0.7.1 to 2.3.2 allows carefully crafted arguments to be used to bypass the argument escaping/cleanup that JDBC driver does in PreparedStatement implementation. CVE-2018-1284 In Apache Hive 0.6.0 to 2.3.2,...

9.8CVSS6.6AI score0.20937EPSS
Exploits0
Veracode
Veracode
added 2019/01/15 9:19 a.m.41 views

Remote Code Execution (RCE)

lucene-queryparser is vulnerable to remote code execution. This is possible through the use of an XML external entity expansion XXE attack and the Config API with add-listener command...

9.8CVSS9.6AI score0.91896EPSS
Exploits11References31Affected Software14
Github Security Blog
Github Security Blog
added 2018/10/17 7:55 p.m.25 views

There is a XML external entity expansion (XXE) vulnerability in Apache Solr

This vulnerability in Apache Solr 1.2 to 6.6.2 and 7.0.0 to 7.2.1 relates to an XML external entity expansion XXE in the &dataConfig= parameter of Solr's DataImportHandler. It can be used as XXE using file/ftp/http protocols in order to read arbitrary local files from the Solr server or the...

7.5CVSS2.2AI score0.20937EPSS
Exploits0References10Affected Software1
Github Security Blog
Github Security Blog
added 2018/10/17 7:55 p.m.31 views

XML external entity expansion in org.apache.solr:solr-core

This vulnerability in Apache Solr 6.0.0 to 6.6.4 and 7.0.0 to 7.3.1 relates to an XML external entity expansion XXE in Solr config files currency.xml, enumsConfig.xml referred from schema.xml, TIKA parsecontext config file. In addition, Xinclude functionality provided in these config files is als...

5.5CVSS5.2AI score0.09025EPSS
Exploits1References9Affected Software1
Prion
Prion
added 2018/07/05 2:29 p.m.12 views

Xxe

This vulnerability in Apache Solr 6.0.0 to 6.6.4 and 7.0.0 to 7.3.1 relates to an XML external entity expansion XXE in Solr config files currency.xml, enumsConfig.xml referred from schema.xml, TIKA parsecontext config file. In addition, Xinclude functionality provided in these config files is als...

2.1CVSS5.3AI score0.09025EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2018/07/05 2:0 p.m.27 views

CVE-2018-8026

This vulnerability in Apache Solr 6.0.0 to 6.6.4 and 7.0.0 to 7.3.1 relates to an XML external entity expansion XXE in Solr config files currency.xml, enumsConfig.xml referred from schema.xml, TIKA parsecontext config file. In addition, Xinclude functionality provided in these config files is als...

5.3AI score0.09025EPSS
Exploits1References4
Prion
Prion
added 2018/06/13 1:29 p.m.15 views

Xxe

The TIBCO Designer component of TIBCO Software Inc.'s TIBCO Runtime Agent, and TIBCO Runtime Agent for z/Linux contains vulnerabilities wherein a malicious user could perform XML external entity expansion XXE attacks to disclose host machine information. Affected releases are TIBCO Software Inc.'...

6.8CVSS6.6AI score0.01233EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2018/06/13 1:29 p.m.17 views

Xxe

The TIBCO Administrator server component of TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition, and TIBCO Administrator - Enterprise Edition for z/Linux contains vulnerabilities wherein a malicious user could perform XML external entity expansion XXE attacks to disclose host machine...

6.8CVSS6.6AI score0.01431EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2018/06/13 1:0 p.m.16 views

CVE-2018-5434 XML eXternal Entity Expansion Vulnerabilities with TIBCO Runtime Agent

The TIBCO Designer component of TIBCO Software Inc.'s TIBCO Runtime Agent, and TIBCO Runtime Agent for z/Linux contains vulnerabilities wherein a malicious user could perform XML external entity expansion XXE attacks to disclose host machine information. Affected releases are TIBCO Software Inc.'...

5.8CVSS6.6AI score0.01233EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/06/13 1:0 p.m.16 views

CVE-2018-5433 XML eXternal Entity Expansion Vulnerabilities with TIBCO Administrator

The TIBCO Administrator server component of TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition, and TIBCO Administrator - Enterprise Edition for z/Linux contains vulnerabilities wherein a malicious user could perform XML external entity expansion XXE attacks to disclose host machine...

6.5CVSS6.6AI score0.01431EPSS
Exploits0References2
Tibco
Tibco
added 2018/06/06 10:37 p.m.19 views

TIBCO Security Advisory: June 12, 2018 - TIBCO Runtime Agent -2018-5434

XML eXternal Entity Expansion Vulnerabilities with TIBCO Runtime Agent Original release date: June 12,2018 Last revised: -- CVE-2018-5434 Source: TIBCO Software Inc. XML eXternal Entity Expansion Vulnerabilities with TIBCO Runtime Agent Original release date: June 12, 2018 Last revised: -- Source...

6.8CVSS6.8AI score0.01233EPSS
Exploits0Affected Software1
OSV
OSV
added 2018/05/21 7:29 p.m.20 views

CVE-2018-8010

This vulnerability in Apache Solr 6.0.0 to 6.6.3, 7.0.0 to 7.3.0 relates to an XML external entity expansion XXE in Solr config files solrconfig.xml, schema.xml, managed-schema. In addition, Xinclude functionality provided in these config files is also affected in a similar way. The vulnerability...

5.5CVSS7AI score
Exploits0References3
Prion
Prion
added 2018/05/21 7:29 p.m.17 views

Xxe

This vulnerability in Apache Solr 6.0.0 to 6.6.3, 7.0.0 to 7.3.0 relates to an XML external entity expansion XXE in Solr config files solrconfig.xml, schema.xml, managed-schema. In addition, Xinclude functionality provided in these config files is also affected in a similar way. The vulnerability...

2.1CVSS5.3AI score0.03917EPSS
Exploits0References3Affected Software1
Debian
Debian
added 2018/04/24 5:57 p.m.27 views

[SECURITY] [DLA 1360-1] lucene-solr security update

Package : lucene-solr Version : 3.6.0+dfsg-1+deb7u4 CVE ID : CVE-2018-1308 Debian Bug : 896604 It was discovered that there was an XML external entity expansion XXE vulnerability in lucene-solr, a search engine library for Java. It could be exploited to read arbitrary local files from the Solr...

7.5CVSS7.5AI score0.20937EPSS
Exploits0
OpenVAS
OpenVAS
added 2018/04/24 12:0 a.m.18 views

Debian: Security Advisory (DLA-1360-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.20937EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2018/04/09 1:29 p.m.23 views

CVE-2018-1308

This vulnerability in Apache Solr 1.2 to 6.6.2 and 7.0.0 to 7.2.1 relates to an XML external entity expansion XXE in the &dataConfig= parameter of Solr's DataImportHandler. It can be used as XXE using file/ftp/http protocols in order to read arbitrary local files from the Solr server or the...

7.5CVSS7.2AI score0.20937EPSS
Exploits0References4
Prion
Prion
added 2018/04/09 1:29 p.m.17 views

Xxe

This vulnerability in Apache Solr 1.2 to 6.6.2 and 7.0.0 to 7.2.1 relates to an XML external entity expansion XXE in the &dataConfig= parameter of Solr's DataImportHandler. It can be used as XXE using file/ftp/http protocols in order to read arbitrary local files from the Solr server or the...

5CVSS7.2AI score0.20937EPSS
Exploits0References5Affected Software2
OSV
OSV
added 2018/04/09 1:29 p.m.17 views

CVE-2018-1308

This vulnerability in Apache Solr 1.2 to 6.6.2 and 7.0.0 to 7.2.1 relates to an XML external entity expansion XXE in the &dataConfig= parameter of Solr's DataImportHandler. It can be used as XXE using file/ftp/http protocols in order to read arbitrary local files from the Solr server or the...

7.5CVSS7.5AI score
Exploits0References5
Debian CVE
Debian CVE
added 2018/04/09 1:0 p.m.20 views

CVE-2018-1308

This vulnerability in Apache Solr 1.2 to 6.6.2 and 7.0.0 to 7.2.1 relates to an XML external entity expansion XXE in the &dataConfig= parameter of Solr's DataImportHandler. It can be used as XXE using file/ftp/http protocols in order to read arbitrary local files from the Solr server or the...

7.5CVSS7.5AI score0.20937EPSS
Exploits0
Rows per page
Query Builder