Max CVSS 7.5 Min CVSS 4.0 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2017-1000487 7.5
Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.
10-10-2024 - 19:55 03-01-2018 - 20:29
CVE-2017-12626 5.0
Apache POI in versions prior to release 3.17 are vulnerable to Denial of Service Attacks: 1) Infinite Loops while parsing crafted WMF, EMF, MSG and macros (POI bugs 61338 and 61294), and 2) Out of Memory Exceptions while parsing crafted DOC, PPT and
14-06-2021 - 18:15 29-01-2018 - 17:29
CVE-2017-7559 5.8
In Undertow 2.x before 2.0.0.Alpha2, 1.4.x before 1.4.17.Final, and 1.3.x before 1.3.31.Final, it was found that the fix for CVE-2017-2666 was incomplete and invalid characters are still allowed in the query string and path parameters. This could be
09-10-2019 - 23:29 10-01-2018 - 15:29
CVE-2017-12165 5.0
It was discovered that Undertow before 1.4.17, 1.3.31 and 2.0.0 processes http request headers with unusual whitespaces which can cause possible http request smuggling.
09-10-2019 - 23:22 27-07-2018 - 15:29
CVE-2016-8750 4.0
Apache Karaf prior to 4.0.8 used the LDAPLoginModule to authenticate users to a directory via LDAP. However, it did not encoding usernames properly and hence was vulnerable to LDAP injection attacks leading to a denial of service.
26-04-2019 - 13:16 19-02-2018 - 15:29
Back to Top Mark selected
Back to Top