CVE-2022-23307

all versions

CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw V2.0 Chainsaw was a compon

8.8HIGH

CVE-2022-23305

all versions

By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted a

9.8CRITICAL

CVE-2022-23302

all versions

JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the

8.8HIGH

CVE-2021-4104

all versions

JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j config

7.5HIGH

CVE-2019-0227

all versions

A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Secur

7.5HIGH

CVE-2018-5407

all versions

Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a sid

4.7MEDIUM

CVE-2018-0734

all versions

The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variati

5.9MEDIUM

CVE-2018-0735

all versions

The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use varia

5.9MEDIUM

CVE-2018-8032

all versions

Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services.

6.1MEDIUM

CVE-2018-3007

all versions

Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affecte

8.6HIGH

CVE-2017-10278

all versions

Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Security). Supported versions that are aff

7.0HIGH

CVE-2017-10272

all versions

Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affecte

9.9CRITICAL

CVE-2017-10269

all versions

Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affecte

10.0CRITICAL

CVE-2017-10267

all versions

Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affecte

7.5HIGH

CVE-2017-10266

all versions

Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affecte

5.3MEDIUM

CVE-2015-3197

all versions

ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easi

5.9MEDIUM

CVE-2007-5576

all versions

BEA Tuxedo 8.0 before RP392 and 8.1 before RP293, and WebLogic Enterprise 5.1 before RP174, echo the password in cleartext, which

CVE-2003-0623

all versions

Cross-site scripting (XSS) vulnerability in the Administration Console for BEA Tuxedo 8.1 and earlier allows remote attackers to i

CVE-2003-0622

all versions

The Administration Console for BEA Tuxedo 8.1 and earlier allows remote attackers to cause a denial of service (hang) via pathname

CVE-2003-0621

all versions

The Administration Console for BEA Tuxedo 8.1 and earlier allows remote attackers to determine the existence of files outside the

CVE-2001-1477

all versions

The Domain gateway in BEA Tuxedo 7.1 does not perform authorization checks for imported services and qspaces on remote domains, ev