| Max CVSS | 7.1 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2013-4002 | 7.1 |
XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Ja
|
13-05-2022 - 14:57 | 23-07-2013 - 11:03 | |
| CVE-2015-0227 | 5.0 |
Apache WSS4J before 1.6.17 and 2.x before 2.0.2 allows remote attackers to bypass the requireSignedEncryptedDataElements configuration via a vectors related to "wrapping attacks."
|
04-10-2018 - 10:29 | 12-02-2015 - 16:59 | |
| CVE-2014-8122 | 4.3 |
Race condition in JBoss Weld before 2.2.8 and 3.x before 3.0.0 Alpha3 allows remote attackers to obtain information from a previous conversation via vectors related to a stale thread state.
|
08-09-2017 - 01:29 | 13-02-2015 - 15:59 | |
| CVE-2014-7839 | 6.4 |
DocumentProvider in RESTEasy 2.3.7 and 3.0.9 does not configure the (1) external-general-entities or (2) external-parameter-entities features, which allows remote attackers to conduct XML external entity (XXE) attacks via unspecified vectors.
|
23-04-2015 - 01:59 | 25-11-2014 - 15:59 |