• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

enterprise_linux

CVE-2018-14462

February 26, 2023 by

The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().

CVE-2020-10705

February 26, 2023 by

A flaw was discovered in Undertow in versions before Undertow 2.1.1.Final where certain requests to the “Expect: 100-continue” header may cause an out of memory error. This flaw may potentially lead to a denial of service.

CVE-2020-10688

February 26, 2023 by

A cross-site scripting (XSS) flaw was found in RESTEasy in versions before 3.11.1.Final and before 4.5.3.Final, where it did not properly handle URL encoding when the RESTEASY003870 exception occurs. An attacker could use this flaw to launch a reflected XSS attack.

CVE-2020-10687

February 26, 2023 by

A flaw was discovered in all versions of Undertow before Undertow 2.2.0.Final, where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own.

CVE-2019-17570

February 26, 2023 by

An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache XML-RPC (aka ws-xmlrpc) library. A malicious XML-RPC server could target a XML-RPC client causing it to execute arbitrary code. Apache XML-RPC is no longer maintained and this issue will not be fixed.

CVE-2019-16869

February 26, 2023 by

Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers (such as a “Transfer-Encoding : chunked” line), which leads to HTTP request smuggling.

  • Go to page 1
  • Go to page 2
  • Go to page 3
  • Interim pages omitted …
  • Go to page 5
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE