CVE-2018-7251 unknown —
1.0
EXP 4y ago
Anchor CMS Logs Credentials
CVE-2018-10054 unknown —
1.0
EXP sles 4y ago
Improper Input Validation in Datomic
CVE-2019-10867 unknown —
1.0
EXP 4y ago
Pimcore Unserialize Remote Code Execution
CVE-2017-9791 unknown —
2.5
KEV EXP 4y ago
The Struts 1 plugin in Apache Struts might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage.
CVE-2018-7198 unknown —
1.0
EXP 4y ago
October CMS - RainLab Blog Plugin XSS
CVE-2019-9194 unknown —
1.0
EXP 4y ago
elFinder command injection vulnerability in the PHP connector
CVE-2019-0568 unknown —
1.0
EXP 4y ago
ChakraCore RCE Vulnerability
CVE-2019-0567 unknown —
1.0
EXP 4y ago
ChakraCore RCE Vulnerability
CVE-2019-0539 unknown —
1.0
EXP 4y ago
ChakraCore RCE Vulnerability
CVE-2018-8617 unknown —
1.0
EXP 4y ago
ChakraCore RCE Vulnerability
CVE-2018-8467 unknown —
1.0
EXP 4y ago
ChakraCore RCE Vulnerability
CVE-2018-8466 unknown —
1.0
EXP 4y ago
ChakraCore RCE Vulnerability
CVE-2018-8384 unknown —
1.0
EXP 4y ago
ChakraCore RCE Vulnerability
CVE-2018-8355 unknown —
1.0
EXP 4y ago
ChakraCore RCE Vulnerability
CVE-2018-8298 unknown —
2.5
KEV EXP 4y ago
The ChakraCore scripting engine contains a type confusion vulnerability which can allow for remote code execution.
CVE-2018-8291 unknown —
1.0
EXP 4y ago
ChakraCore RCE Vulnerability
CVE-2018-8288 unknown —
1.0
EXP 4y ago
ChakraCore RCE Vulnerability
CVE-2018-8229 unknown —
1.0
EXP 4y ago
ChakraCore RCE Vulnerability
CVE-2018-8139 unknown —
1.0
EXP 4y ago
ChakraCore RCE Vulnerability
CVE-2018-8133 unknown —
1.0
EXP 4y ago
ChakraCore RCE Vulnerability
CVE-2018-14716 unknown —
1.0
EXP 4y ago
SEOmatic plugin for Craft CMS SSTI Vulnerability
CVE-2018-1133 unknown —
1.0
EXP 4y ago
Moodle calculated question type allows remote code execution by Question authors
CVE-2018-0980 unknown —
1.0
EXP 4y ago
ChakraCore RCE Vulnerability
CVE-2018-0946 unknown —
1.0
EXP 4y ago
ChakraCore RCE Vulnerability
CVE-2018-0934 unknown —
1.0
EXP 4y ago
ChakraCore RCE Vulnerability
CVE-2018-0933 unknown —
1.0
EXP 4y ago
ChakraCore RCE Vulnerability
CVE-2018-0860 unknown —
1.0
EXP 4y ago
ChakraCore RCE Vulnerability
CVE-2018-0838 unknown —
1.0
EXP 4y ago
ChakraCore RCE Vulnerability
CVE-2018-0837 unknown —
1.0
EXP 4y ago
ChakraCore RCE Vulnerability
CVE-2018-0834 unknown —
1.0
EXP 4y ago
ChakraCore RCE Vulnerability
CVE-2018-0835 unknown —
1.0
EXP 4y ago
ChakraCore RCE Vulnerability
CVE-2018-0114 unknown —
1.0
EXP 4y ago
Cisco node-jose improper validation of JWT signature
CVE-2019-1003002 unknown —
1.0
EXP 4y ago
Jenkins Pipeline Declarative Plugin sandbox bypass vulnerability
CVE-2019-1003001 unknown —
1.0
EXP 4y ago
Jenkins Groovy Plugin sandbox bypass vulnerability
CVE-2019-1003000 unknown —
1.0
EXP 4y ago
Protection Mechanism Failure in Jenkins Script Security Plugin
CVE-2019-1003030 unknown —
2.5
KEV EXP 4y ago
Jenkins Matrix Project plugin contains a vulnerability which can allow users to escape the sandbox, opening opportunity to perform remote code execution.
CVE-2013-2251 unknown —
2.5
KEV EXP 4y ago
Apache Struts allows remote attackers to execute arbitrary Object-Graph Navigation Language (OGNL) expressions.
CVE-2019-10874 unknown —
1.0
EXP 4y ago
Bolt Cross Site Request Forgery (CSRF)
CVE-2018-14009 unknown —
1.0
EXP 4y ago
Codiad remote code execution vulnerability
CVE-2018-19422 unknown —
1.0
EXP 4y ago
Subrion CMS RCE Vulnerability
CVE-2019-6804 unknown —
1.0
EXP 4y ago
Rundeck Community Edition vulnerable to Cross-site Scripting
CVE-2018-12613 unknown —
1.0
EXP FIX debian 4y ago
phpMyAdmin Improper Authentication
CVE-2019-3810 unknown —
1.0
EXP 4y ago
Moodle XSS Vulnerability
CVE-2017-8046 unknown —
1.0
EXP 4y ago
Remote code execution in PATCH requests in Spring Data REST
CVE-2017-1000353 unknown —
2.5
KEV EXP 4y ago
Jenkins contains a remote code execution vulnerability. This vulnerability that could allowed attackers to transfer a serialized Java SignedObject object to the remoting-based Jenkins CLI, that would…
CVE-2018-1999002 high —
9.0
EXP FIX arch 4y ago
multiple issues in jenkins
CVE-2018-1000861 unknown —
2.5
KEV EXP 4y ago
A code execution vulnerability exists in the Stapler web framework used by Jenkins
CVE-2019-1003029 unknown —
2.5
KEV EXP 4y ago
Jenkins Script Security Plugin contains a protection mechanism failure, allowing an attacker to bypass the sandbox.
CVE-2019-1003005 unknown —
1.0
EXP 4y ago
Sandbox Bypass in Script Security Plugin
CVE-2022-29885 unknown —
1.0
EXP FIX sles debian 4y ago
The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14, 10.0.0-M1 to 10.0.20, 9.0.13 to 9.0.62 and 8.5.38 to 8.5.78 for the EncryptInterceptor incorrectly stated it enabled Tomcat clustering to r…
CVE-2022-1631 unknown —
1.0
EXP 4y ago
Incorrect Authorization in microweber
CVE-2022-1388 unknown —
2.5
KEV EXP 4y ago
F5 BIG-IP contains a missing authentication in critical function vulnerability which can allow for remote code execution, creation or deletion of files, or disabling services.
CVE-2017-5715 high —
9.0
EXP FIX debian arch sles 4y ago
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel a…
CVE-2012-0391 unknown —
2.5
KEV EXP 4y ago
The ExceptionDelegator component in Apache Struts 2 before 2.2.3.1 contains an improper input validation vulnerability that allows for remote code execution.
CVE-2019-8506 low —
5.0
KEV EXP FIX rocky debian rhel 4y ago
A type confusion issue affecting multiple Apple products allows processing of maliciously crafted web content, leading to arbitrary code execution.
CVE-2014-4113 unknown —
2.5
KEV EXP 4y ago
Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.
CVE-2014-0322 unknown —
2.5
KEV EXP 4y ago
Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute code.
CVE-2014-0160 unknown —
2.5
KEV EXP FIX debian 4y ago
The TLS and DTLS implementations in OpenSSL do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information.
CVE-2009-5065 medium —
5.3
EXP FIX debian mark_pilgrim 4y ago
Cross-site scripting (XSS) vulnerability in feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) before 5.0 allows remote attackers to inject arbitrary web script or HTML via …
CVE-2009-1595 unknown —
1.0
EXP 4y ago
Ignite Realtime Openfire Allows Users to Change Passwords of Arbitrary Accounts
CVE-2009-1523 unknown —
1.0
EXP 4y ago
Directory traversal in Mort Bay Jetty
CVE-2009-0815 unknown —
1.0
EXP 4y ago
TYPO3 leaks a hash secret in an error message
CVE-2009-0580 unknown —
1.0
EXP 4y ago
Exposure of Sensitive Information in Apache Tomcat
CVE-2009-0260 unknown —
1.0
EXP 4y ago
MoinMoin Multiple cross-site scripting (XSS) vulnerabilities
CVE-2009-0039 unknown —
1.0
EXP 4y ago
Apache Geronimo Application Server CSRF vulnerabilities
CVE-2009-0038 unknown —
1.0
EXP 4y ago
Apache Geronimo Application Server multiple cross-site scripting (XSS) vulnerabilities
CVE-2009-0026 unknown —
1.0
EXP 4y ago
Apache Jackrabbit contains Cross-site Scripting
CVE-2008-4524 unknown —
1.0
EXP 4y ago
AdaptCMS SQL Injection vulnerability
CVE-2008-2938 unknown —
1.0
EXP 4y ago
Apache Tomcat Directory Traversal vulnerability
CVE-2008-2370 unknown —
1.0
EXP 4y ago
Apache Tomcat Path Traversal Vulnerability
CVE-2008-1510 unknown —
1.0
EXP 4y ago
Alkacon OpenCMS XSS via searchfilter or listSearchFilter parameter
CVE-2008-1301 unknown —
1.0
EXP 4y ago
Alkacon OpenCMS Absolute Path Traversal via pathname in filePath.0 parameter
CVE-2008-1300 unknown —
1.0
EXP 4y ago
Alkacon Open CMS XSS via Logfile Viewer Settings function
CVE-2008-1232 unknown —
1.0
EXP 4y ago
Apache Tomcat Cross-site scripting (XSS) vulnerability
CVE-2008-1045 unknown —
1.0
EXP 4y ago
Alkacon OpenCMS XSS via file tree navigation in system/workplace/views/explorer/tree_files.jsp
CVE-2008-0782 unknown —
1.0
EXP 4y ago
MoinMoin Directory traversal vulnerability
CVE-2007-5461 unknown —
1.0
EXP 4y ago
Apache Tomcat Path Traversal Vulnerability
CVE-2007-5333 unknown —
1.0
EXP 4y ago
Exposure of Sensitive Information in Apache Tomcat
CVE-2007-3382 unknown —
1.0
EXP 4y ago
Apache Tomcat treats single quotes as delimiters in cookies
CVE-2007-2449 unknown —
1.0
EXP 4y ago
Apache Tomcat XSS Vulnerabilities in Examples Web Application
CVE-2007-2353 unknown —
1.0
EXP debian 4y ago
Apache Axis allows Exposure of Sensitive Information to an Unauthorized Actor
CVE-2007-1355 unknown —
1.0
EXP 4y ago
Apache Tomcat Vulnerable to Cross-Site Scripting
CVE-2007-0450 unknown —
1.0
EXP 4y ago
Apache Tomcat Directory Traversal
CVE-2006-7196 unknown —
1.0
EXP 4y ago
Cross-site scripting in Apache Tomcat
CVE-2006-5031 unknown —
1.0
EXP FIX debian 4y ago
CakePHP directory traversal vulnerability allows remote attackers to read arbitrary files
CVE-2006-3835 unknown —
1.0
EXP 4y ago
Apache Tomcat Reveals Directories
CVE-2006-2758 unknown —
1.0
EXP sles 4y ago
Jetty Directory Traversal Vulnerability
CVE-2006-2458 unknown —
1.0
EXP FIX debian 4y ago
Multiple heap-based buffer overflows in Libextractor 0.5.13 and earlier allow remote attackers to execute arbitrary code via (1) the asf_read_header function in the ASF plugin (plugins/asfextractor.c…
CVE-2006-1711 unknown —
1.0
EXP 4y ago
Plone allows remote users to modify arbitrary portraits
CVE-2006-0254 unknown —
1.0
EXP 4y ago
Apache Geronimo console 1.0 vulnerable to cross-site scripting
CVE-2005-4703 unknown —
1.0
EXP 4y ago
Apache Tomcat Discloses MS-DOS Pathname
CVE-2005-3747 unknown —
1.0
EXP sles 4y ago
Mortbay Jetty Discloses JSP Source Code
CVE-2005-3745 unknown —
1.0
EXP 4y ago
Apache Struts Cross-site scripting Vulnerability
CVE-2002-2272 unknown —
1.0
EXP 4y ago
Apache Tomcat DoS via Malicious Get Request
CVE-2002-2006 unknown —
1.0
EXP 4y ago
Apache Tomcat Default Installation Reveals Sensitive Information
CVE-2002-1567 unknown —
1.0
EXP 4y ago
Apache Tomcat XSS Vulnerability
CVE-2002-1533 unknown —
1.0
EXP 4y ago
Jetty Javascript Inclusion Vulnerability
CVE-2002-1148 unknown —
1.0
EXP 4y ago
Apache Tomcat Source Code Disclosure
CVE-2001-0590 unknown —
1.0
EXP 4y ago
Apache Tomcat Allows Source Disclosure
CVE-2000-0759 unknown —
1.0
EXP 4y ago
Jakarta Apache Tomcat Reveals Physical Paths
