| ID | CVSS | Summary | Last (major) update | Published |
| --- | --- | --- | --- | --- |
| CVE-2018-11040 | 4.3 | Spring Framework, versions 5.0.x prior to 5.0.7 and 4.3.x prior to 4.3.18 and older unsupported versions, allows web applications to enable cross-domain requests via JSONP (JSON with Padding) through AbstractJsonpResponseBodyAdvice for REST controlle | 25-06-2018 - 11:29 | 25-06-2018 - 11:29 |
| CVE-2018-1258 | 6.5 | Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security. An unauthorized malicious user can gain unauthorized access to methods that should be restricted | 11-05-2018 - 16:29 | 11-05-2018 - 16:29 |
| CVE-2017-10424 | 6.8 | Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Web). Supported versions that are affected are 3.2.8.2223 and earlier, 3.3.4.3247 and earlier and 3.4.2.4181 and earlier. Easily exploitable vulnerabil | 19-10-2017 - 13:29 | 19-10-2017 - 13:29 |
| CVE-2017-3306 | 8.2 | Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Server). Supported versions that are affected are 3.1.6.8003 and earlier, 3.2.1182 and earlier and 3.3.2.1162 and earlier. Easily "exploitable" vulnera | 04-05-2017 - 09:07 | 24-04-2017 - 15:59 |
| CVE-2017-3307 | 3.6 | Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Server). Supported versions that are affected are 3.1.6.8003 and earlier, 3.2.1182 and earlier and 3.3.2.1162 and earlier. Difficult to exploit vulnera | 03-05-2017 - 12:16 | 24-04-2017 - 15:59 |
| CVE-2017-5645 | 7.5 | In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code. | 24-04-2017 - 20:32 | 17-04-2017 - 17:59 |
| CVE-2016-5590 | 6.5 | Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Agent). Supported versions that are affected are 3.1.3.7856 and earlier. Easily exploitable vulnerability allows high privileged attacker with network | 31-01-2017 - 10:06 | 27-01-2017 - 17:59 |
| CVE-2015-3144 | 9.0 | The fix_hostname function in cURL and libcurl 7.37.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) or possibly have other unspecified impact via | 21-12-2016 - 21:59 | 24-04-2015 - 10:59 |
| CVE-2013-4316 | 10.0 | Apache Struts 2.0.0 through 2.3.15.1 enables Dynamic Method Invocation by default, which has unknown impact and attack vectors. | 07-12-2016 - 12:34 | 30-09-2013 - 17:55 |
| CVE-2016-3461 | 4.3 | Unspecified vulnerability in the MySQL Enterprise Monitor component in Oracle MySQL 3.0.25 and earlier and 3.1.2 and earlier allows remote administrators to affect confidentiality, integrity, and availability via vectors related to Monitoring: Server | 02-12-2016 - 22:27 | 21-04-2016 - 07:00 |