Lucene search
K

34 matches found

Packet Storm
Packet Storm
added 2019/01/16 12:0 a.m.251 views

Streamworks Job Scheduler Release 7 Authentication Weakness

Affected Products Streamworks Job Scheduler Release 7 older/newer releases have not been tested References Secuvera-SA-2016-01 https://www.secuvera.de/advisories/secuvera-SA-2016-01.txt used for updates No CVE number could be assigned vendor not listed under...

5CVSS0.2AI score0.99999EPSS
Exploits88
CNVD
CNVD
added 2018/05/28 12:0 a.m.4 views

IBM WebSphere Application Server for UNIX Elevation of Privilege Vulnerability

IBM WebSphere Application Server WAS for UNIX is the United States IBM developed and released a UNIX platform based on the application server products, it is the platform for Java EE and Web services applications, but also the basis of the IBM WebSphere software platform. A security vulnerability...

7.8CVSS7AI score0.00382EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2018/02/07 12:0 a.m.35 views

Debian: Security Advisory (DLA-1036-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8.2AI score0.21894EPSS
Exploits2References3
UbuntuCve
UbuntuCve
added 2017/09/01 9:29 p.m.29 views

CVE-2017-12874

The InfoCard module 1.0 for SimpleSAMLphp allows attackers to spoof XML messages by leveraging an incorrect check of return values in signature validation utilities...

7.5CVSS7.1AI score0.01261EPSS
Exploits0References2
OSV
OSV
added 2017/07/25 10:7 p.m.14 views

MGASA-2017-0221 Updated gsoap packages fix security vulnerability

A potential vulnerability to a large and specific XML message over 2GB in size greater than 2147483711 bytes to trigger the software bug. A buffer overflow can cause an open unsecured server to crash or malfunction after 2GB is received CVE-2017-9765...

8.1CVSS8.2AI score0.21894EPSS
Exploits2References3
Debian
Debian
added 2017/07/24 7:19 p.m.72 views

[SECURITY] [DLA 1036-1] gsoap security update

Package : gsoap Version : 2.8.7-2+deb7u1 CVE ID : CVE-2017-9765 A vulnerability was discovered in gsoap, a library for the development of SOAP web services and clients, that may be exposed with a large and specific XML message over 2 GB in size. After receiving this 2 GB message, a buffer overflo...

8.1CVSS8.7AI score0.21894EPSS
Exploits2
Check Point Advisories
Check Point Advisories
added 2014/10/22 12:0 a.m.16 views

Apache Camel XSLT Component Java Code Execution (CVE-2014-0003)

A code execution vulnerability has been reported in Apache Camel. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted XML message to the vulnerable server. Successful exploitation could result in the execution of arbitrary Java code...

7.5CVSS5.1AI score0.07352EPSS
Exploits2
Spring Security Advisories
Spring Security Advisories
added 2014/03/11 12:0 a.m.6 views

Incomplete fix for CVE-2013-7315 / CVE-2013-6429 (XXE)

Spring MVC's Jaxb2RootElementHttpMessageConverter also processed user provided XML and neither disabled XML external entities nor provided an option to disable them. Jaxb2RootElementHttpMessageConverter has been modified to provide an option to control the processing of XML external entities and...

6.8CVSS8.1AI score0.91354EPSS
Exploits1References3
Prion
Prion
added 2013/09/17 12:4 p.m.13 views

Design/Logic Flaw

Walrus in Eucalyptus before 3.2.2 allows remote attackers to cause a denial of service memory, thread, and CPU consumption via a crafted XML message containing a DTD, as demonstrated by a bucket-logging request...

4.3CVSS7AI score0.01626EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2013/09/17 12:4 p.m.25 views

CVE-2012-4067

Walrus in Eucalyptus before 3.2.2 allows remote attackers to cause a denial of service memory, thread, and CPU consumption via a crafted XML message containing a DTD, as demonstrated by a bucket-logging request...

4.3CVSS5.9AI score0.01626EPSS
Exploits0References2
CVE
CVE
added 2013/09/17 1:0 a.m.40 views

CVE-2012-4067

CVE-2012-4067 affects Eucalyptus Walrus prior to version 3.2.2. A crafted XML message containing a DTD can trigger a denial-of-service by exhausting memory, threads, and CPU resources, demonstrated via a bucket-logging request. Related entries also reference CVE-2013-2296. Multiple connected sour...

4.3CVSS6.5AI score0.01626EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2012/06/19 3:24 p.m.32 views

Low: Red Hat Security Advisory: sblim-cim-client2 security update

Updated sblim-cim-client2 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...

5CVSS5.7AI score0.01857EPSS
Exploits0References2
Check Point Advisories
Check Point Advisories
added 2009/12/08 12:0 a.m.10 views

Microsoft IIS WebDAV XML Message Handler Denial of Service (MS04-030; CVE-2003-0718)

The WebDAV protocol Web-based Distributed Authoring and Versioning is an extension to HTTP/1.1 that provides a capability for web page authoring over HTTP. The Microsoft WebDAV component is provided with Microsoft Internet Information Services Server IIS in order to provide support for WebDAV. Th...

5CVSS6.2AI score0.87908EPSS
Exploits0
Cisco
Cisco
added 2007/08/08 4:55 p.m.20 views

Cisco Unified MeetingPlace Template Cross-Site Scripting Vulnerability

Cisco Unified MeetingPlace versions prior to 5.3.235.0 contain a vulnerability that could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. This vulnerability exists due to insufficient filtering of parameters by Cisco Unified MeetingPlace. An unauthenticated,...

4.3CVSS6.8AI score0.01569EPSS
Exploits0References1
Rows per page
Query Builder