Lucene search

Stanford Security Vulnerabilities

cve

CVE-2023-39020

stanford-parser v3.9.2 and below was discovered to contain a code injection vulnerability in the component edu.stanford.nlp.io.getBZip2PipedInputStream. This vulnerability is exploited via passing an unchecked...

9.8CVSS

9.6AI Score

0.002EPSS

2023-07-28 03:15 PM

cve

CVE-2009-2945

weblogin/login.fcgi (aka the WebLogin login script) in Stanford University WebAuth 3.5.5, 3.6.0, and 3.6.1 places passwords in URLs in certain circumstances involving conversion of a POST request to a GET request, which allows context-dependent attackers to discover passwords by reading (1)...

6.3AI Score

0.002EPSS

2022-10-03 04:24 PM

cve

CVE-2021-44550

An Incorrect Access Control vulnerability exists in CoreNLP 4.3.2 via the classifier in NERServlet.java (lines 158 and...

9.8CVSS

9.3AI Score

0.003EPSS

2022-02-24 03:15 PM

cve

CVE-2022-0239

corenlp is vulnerable to Improper Restriction of XML External Entity...

9.8CVSS

9.3AI Score

0.002EPSS

2022-01-17 07:15 AM

cve

CVE-2022-0198

corenlp is vulnerable to Improper Restriction of XML External Entity...

7.1CVSS

6.8AI Score

0.001EPSS

2022-01-13 07:15 AM

cve

CVE-2021-3869

corenlp is vulnerable to Improper Restriction of XML External Entity...

7.5CVSS

7.5AI Score

0.002EPSS

2021-10-19 01:15 PM

cve

CVE-2021-3878

corenlp is vulnerable to Improper Restriction of XML External Entity...

9.8CVSS

9.3AI Score

0.002EPSS

2021-10-15 02:15 PM

cve

CVE-2013-2106

webauth before 4.6.1 has authentication credential...

7.5CVSS

7.5AI Score

0.004EPSS

2019-12-03 02:15 PM