CVE-2018-3246
- EPSS 3.24%
- Veröffentlicht 17.10.2018 01:31:26
- Zuletzt bearbeitet 21.11.2024 04:05:31
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Supported versions that are affected are 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker wit...
CVE-2018-1000613
- EPSS 4.04%
- Veröffentlicht 09.07.2018 20:29:00
- Zuletzt bearbeitet 12.05.2025 17:37:16
Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not including 1.60 contains a CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in XMSS/XMSS^MT priv...
CVE-2018-1000180
- EPSS 0.24%
- Veröffentlicht 05.06.2018 13:29:00
- Zuletzt bearbeitet 12.05.2025 17:37:16
Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. T...
CVE-2017-12617
- EPSS 94.37%
- Veröffentlicht 04.10.2017 01:29:02
- Zuletzt bearbeitet 22.10.2025 00:16:04
When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload ...
CVE-2016-8735
- EPSS 93.88%
- Veröffentlicht 06.04.2017 21:59:00
- Zuletzt bearbeitet 22.10.2025 00:15:56
Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exists because...