Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2013-4372 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in Fuse Management Console in Red Hat JBoss Fuse 6.0.0 before patch 3 and JBoss A-MQ 6.0.0 before patch 3 allow remote attackers to inject arbitrary web script or HTML via the (1) user field in the
|
13-02-2023 - 04:46 | 30-09-2013 - 21:55 | |
CVE-2013-4330 | 6.8 |
Apache Camel before 2.9.7, 2.10.0 before 2.10.7, 2.11.0 before 2.11.2, and 2.12.0 allows remote attackers to execute arbitrary simple language expressions by including "$simple{}" in a CamelFileName message header to a (1) FILE or (2) FTP producer.
|
13-02-2023 - 04:46 | 04-10-2013 - 17:55 | |
CVE-2013-1768 | 7.5 |
The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for rem
|
20-04-2018 - 01:29 | 11-07-2013 - 22:55 | |
CVE-2013-4221 | 7.5 |
The default configuration of the ObjectRepresentation class in Restlet before 2.1.4 deserializes objects from untrusted sources using the Java XMLDecoder, which allows remote attackers to execute arbitrary Java code via crafted XML.
|
07-12-2016 - 18:13 | 10-10-2013 - 00:55 | |
CVE-2013-4271 | 7.5 |
The default configuration of the ObjectRepresentation class in Restlet before 2.1.4 deserializes objects from untrusted sources, which allows remote attackers to execute arbitrary Java code via a serialized object, a different vulnerability than CVE-
|
06-12-2016 - 19:17 | 10-10-2013 - 00:55 |