Max CVSS 7.5 Min CVSS 5.0 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2016-2141 7.5
It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages wi
26-04-2023 - 21:15 30-06-2016 - 16:59
CVE-2015-0254 7.5
Apache Standard Taglibs before 1.2.3 allows remote attackers to execute arbitrary code or conduct external XML entity (XXE) attacks via a crafted XSLT extension in a (1) <x:parse> or (2) <x:transform> JSTL XML tag.
20-07-2021 - 23:15 09-03-2015 - 14:59
CVE-2016-2510 6.8
BeanShell (bsh) before 2.0b6, when included on the classpath by an application that uses Java serialization or XStream, allows remote attackers to execute arbitrary code via crafted serialized data, related to XThis.Handler.
20-10-2020 - 22:15 07-04-2016 - 20:59
CVE-2015-3253 7.5
The MethodClosure class in runtime/MethodClosure.java in Apache Groovy 1.7.0 through 2.4.3 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted serialized object.
24-06-2020 - 05:15 13-08-2015 - 14:59
CVE-2015-0226 5.0
Apache WSS4J before 1.6.17 and 2.0.x before 2.0.2 improperly leaks information about decryption failures when decrypting an encrypted key or message data, which makes it easier for remote attackers to recover the plaintext form of a symmetric key via
23-07-2019 - 23:15 30-10-2017 - 14:29
Back to Top Mark selected
Back to Top