Max CVSS 6.8 Min CVSS 4.0 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2018-1114 4.0
It was found that URLResource.getLastModified() in Undertow closes the file descriptors only when they are finalized which can cause file descriptors to exhaust. This leads to a file handler leak.
09-10-2019 - 23:38 11-09-2018 - 15:29
CVE-2018-1067 5.8
In Undertow before versions 7.1.2.CR1, 7.1.2.GA it was found that the fix for CVE-2016-4993 was incomplete and Undertow web server is vulnerable to the injection of arbitrary HTTP headers, and also response splitting, due to insufficient sanitization
09-10-2019 - 23:38 21-05-2018 - 17:29
CVE-2018-8039 6.8
It is possible to configure Apache CXF to use the com.sun.net.ssl implementation via 'System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");'. When this system property is set, CXF uses some reflection to try to ma
03-10-2019 - 00:03 02-07-2018 - 13:29
CVE-2018-10915 6.0
A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untru
03-10-2019 - 00:03 09-08-2018 - 20:29
CVE-2018-1000180 5.0
Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. T
03-10-2019 - 00:03 05-06-2018 - 13:29
CVE-2018-10237 4.3
Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray
12-06-2019 - 17:29 26-04-2018 - 21:29
CVE-2018-10862 4.9
WildFly Core before version 6.0.0.Alpha3 does not properly validate file paths in .war archives, allowing for the extraction of crafted .war archives to overwrite arbitrary files. This is an instance of the 'Zip Slip' vulnerability.
26-04-2019 - 15:08 27-07-2018 - 14:29
Back to Top Mark selected
Back to Top