Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
NetappOncommand Workflow Automation

59 matches found

CVE
CVEadded 2020/10/06 2:15 p.m.184 views

CVE-2020-25644

A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. It may allow the attacker to cause OOM leading to a denial of service. The highest threat from this vulnerability is to system availability.

7.5CVSS6.9AI score0.00597EPSS
CVE
CVEadded 2019/10/08 2:15 p.m.176 views

CVE-2019-17359

The ASN.1 parser in Bouncy Castle Crypto (aka BC Java) 1.63 can trigger a large attempted memory allocation, and resultant OutOfMemoryError error, via crafted ASN.1 data. This is fixed in 1.64.

7.5CVSS8.1AI score0.07634EPSS
CVE
CVEadded 2017/10/19 5:29 p.m.175 views

CVE-2017-10309

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks r...

7.1CVSS7AI score0.01637EPSS
Web
CVE
CVEadded 2023/11/03 4:15 a.m.174 views

CVE-2023-31102

Ppmd7.c in 7-Zip before 23.00 allows an integer underflow and invalid read operation via a crafted 7Z archive.

7.8CVSS7.2AI score0.35539EPSS
CVE
CVEadded 2021/01/27 7:15 p.m.172 views

CVE-2021-26117

The optional ActiveMQ LDAP login module can be configured to use anonymous access to the LDAP server. In this case, for Apache ActiveMQ Artemis prior to version 2.16.0 and Apache ActiveMQ prior to versions 5.16.1 and 5.15.14, the anonymous context is used to verify a valid users password in error, ...

7.5CVSS7.5AI score0.163EPSS
CVE
CVEadded 2022/08/31 4:15 p.m.156 views

CVE-2022-1259

A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the server. This flaw exists because of an incomplete fix for CVE-2021-3629.

7.5CVSS6.3AI score0.00151EPSS
CVE
CVEadded 2025/02/04 8:15 p.m.130 views

CVE-2025-0509

A security issue was found in Sparkle before version 2.6.4. An attacker can replace an existing signed update with another payload, bypassing Sparkle’s (Ed)DSA signing checks.

7.3CVSS7.2AI score0.00023EPSS
CVE
CVEadded 2018/01/18 2:29 a.m.125 views

CVE-2018-2627

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Installer). Supported versions that are affected are Java SE: 8u152 and 9.0.1. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Java SE executes to compromise Java SE. Suc...

7.5CVSS7.4AI score0.00373EPSS
CVE
CVEadded 2021/01/27 7:15 p.m.123 views

CVE-2021-26118

While investigating ARTEMIS-2964 it was found that the creation of advisory messages in the OpenWire protocol head of Apache ActiveMQ Artemis 2.15.0 bypassed policy based access control for the entire session. Production of advisory messages was not subject to access control in error.

7.5CVSS7.5AI score0.0101EPSS
Total number of security vulnerabilities59