Max CVSS | 7.5 | Min CVSS | 4.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2012-0818 | 5.0 |
RESTEasy before 2.3.1 allows remote attackers to read arbitrary files via an external entity reference in a DOM document, aka an XML external entity (XXE) injection attack.
|
13-02-2023 - 03:26 | 23-11-2012 - 20:55 | |
CVE-2014-0003 | 7.5 |
The XSLT component in Apache Camel 2.11.x before 2.11.4, 2.12.x before 2.12.3, and possibly earlier versions allows remote attackers to execute arbitrary Java methods via a crafted message.
|
13-02-2023 - 00:29 | 21-03-2014 - 04:38 | |
CVE-2014-0002 | 7.5 |
The XSLT component in Apache Camel before 2.11.4 and 2.12.x before 2.12.3 allows remote attackers to read arbitrary files and possibly have other unspecified impact via an XML document containing an external entity declaration in conjunction with an
|
13-02-2023 - 00:29 | 21-03-2014 - 04:38 | |
CVE-2013-1624 | 4.0 |
The TLS implementation in the Bouncy Castle Java library before 1.48 and C# library before 1.8 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows r
|
30-10-2018 - 16:26 | 08-02-2013 - 19:55 | |
CVE-2011-5245 | 5.0 |
The readFrom function in providers.jaxb.JAXBXmlTypeProvider in RESTEasy before 2.3.2 allows remote attackers to read arbitrary files via an external entity reference in a Java Architecture for XML Binding (JAXB) input, aka an XML external entity (XXE
|
29-08-2017 - 01:30 | 23-11-2012 - 20:55 | |
CVE-2013-6468 | 6.5 |
JBoss Drools, Red Hat JBoss BRMS before 6.0.1, and Red Hat JBoss BPM Suite before 6.0.1 allows remote authenticated users to execute arbitrary Java code via a (1) MVFLEX Expression Language (MVEL) or (2) Drools expression.
|
11-04-2014 - 14:54 | 10-04-2014 - 20:29 |