VIR Vulnerability Intelligence Relay

Search

Found 14 results in 396ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2017-12635 critical 9.8 10.0 EXPFIX slesarch arch apache 9y ago multiple issues in couchdb
CVE-2017-12629 critical 9.8 10.0 EXPFIX debian debianubuntu ubuntu rhel apacheredhat 9y ago Remote code execution occurs in Apache Solr
CVE-2014-0030 critical 9.8 10.0 EXP apache 9y ago The XML-RPC protocol support in Apache Roller before 5.0.3 allows attackers to conduct XML External Entity (XXE) attacks via unspecified vectors.
CVE-2017-12611 critical 9.8 10.0 EXP apache 9y ago Apache Struts 2.0.1 uses an unintentional expression in a Freemarker tag instead of string literal
CVE-2016-3087 critical 9.8 10.0 EXP apache 10y ago Apache Struts vulnerable to arbitrary remote code execution due to improper input validation
CVE-2013-0177 low 4.5 EXP apache 13y ago Multiple cross-site scripting (XSS) vulnerabilities in widget/screen/ModelScreenWidget.java in Apache Open For Business Project (aka OFBiz) 10.04.x before 10.04.05, 11.04.01, and possibly 09.04.x all…
CVE-2013-6480 low 3.1 EXPFIX debian debian apache 13y ago Libcloud 0.12.3 through 0.13.2 does not set the scrub_data parameter for the destroy DigitalOcean API, which allows local users to obtain sensitive information by leveraging a new VM.
CVE-2013-2134 critical 10.0 EXP apache 13y ago Arbitrary code execution in Apache Struts 2
CVE-2013-1966 critical 10.0 EXP apache 13y ago Arbitrary code execution in Apache Struts
CVE-2011-4415 low 2.2 EXPFIX debian debian apache 15y ago The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, does not restrict the size of values of envi…
CVE-2011-1772 low 3.6 EXP apacheopensymphony 15y ago Cross-site Scripting in Apache Struts
CVE-2010-0219 critical 10.0 EXP apachesap 16y ago Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a default password of axis2 for the admin account, which makes it easier …
CVE-2010-1157 low 3.6 EXP apache 16y ago Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
CVE-2009-3555 critical 9.8 10.0 EXPFIX debian debianubuntu ubuntufedora fedora apachegnumozilla 17y ago The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9…