| Max CVSS | 7.5 | Min CVSS | 3.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-3578 | 5.0 |
Directory traversal vulnerability in Pivotal Spring Framework 3.x before 3.2.9 and 4.0 before 4.0.5 allows remote attackers to read arbitrary files via a crafted URL.
|
14-07-2019 - 00:15 | 19-02-2015 - 20:59 | |
| CVE-2014-8114 | 6.8 |
The UberFire Framework 0.3.x does not properly restrict paths, which allows remote attackers to (1) execute arbitrary code by uploading crafted content to FileUploadServlet or (2) read arbitrary files via vectors involving FileDownloadServlet.
|
12-04-2019 - 19:29 | 20-02-2015 - 16:59 | |
| CVE-2014-0005 | 3.6 |
PicketBox and JBossSX, as used in Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.2 and JBoss BRMS before 6.0.3 roll up patch 2, allows remote authenticated users to read and modify the application sever configuration and state by deploying
|
28-03-2015 - 01:59 | 20-02-2015 - 16:59 | |
| CVE-2014-3682 | 7.5 |
XML external entity (XXE) vulnerability in the JBPMBpmn2ResourceImpl function in designer/bpmn2/resource/JBPMBpmn2ResourceImpl.java in jbpm-designer 6.0.x and 6.2.x allows remote attackers to read arbitrary files and possibly have other unspecified i
|
24-03-2015 - 13:55 | 20-02-2015 - 16:59 | |
| CVE-2014-8115 | 6.5 |
The default authorization constrains in KIE Workbench 6.0.x allows remote authenticated users to read or write to arbitrary files, bypass intended access restrictions, and possibly have other unspecified impact via unknown vectors.
|
23-03-2015 - 16:53 | 20-02-2015 - 16:59 |