| Max CVSS | 7.5 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-5645 | 7.5 |
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.
|
04-04-2022 - 16:53 | 17-04-2017 - 21:59 | |
| CVE-2016-2510 | 6.8 |
BeanShell (bsh) before 2.0b6, when included on the classpath by an application that uses Java serialization or XStream, allows remote attackers to execute arbitrary code via crafted serialized data, related to XThis.Handler.
|
20-10-2020 - 22:15 | 07-04-2016 - 20:59 | |
| CVE-2018-3258 | 6.5 |
Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/J). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple p
|
03-10-2019 - 00:03 | 17-10-2018 - 01:31 | |
| CVE-2018-11798 | 4.0 |
The Apache Thrift Node.js static web server in versions 0.9.2 through 0.11.0 have been determined to contain a security vulnerability in which a remote user has the ability to access files outside the set webservers docroot path.
|
19-06-2019 - 00:15 | 07-01-2019 - 17:29 | |
| CVE-2017-15691 | 4.0 |
In Apache uimaj prior to 2.10.2, Apache uimaj 3.0.0-xxx prior to 3.0.0-beta, Apache uima-as prior to 2.10.2, Apache uimaFIT prior to 2.4.0, Apache uimaDUCC prior to 2.2.2, this vulnerability relates to an XML external entity expansion (XXE) capabilit
|
19-06-2019 - 00:15 | 26-04-2018 - 17:29 |