CVSS: 5.3EPSS: 0%CPEs: 35EXPL: 0CVE-2018-2603 – OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387)
https://notcve.org/view.php?id=CVE-2018-2603
18 Jan 2018 — Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (part... • http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 9.8EPSS: 48%CPEs: 2EXPL: 2CVE-2017-5641 – Cisco Nexus Dashboard Fabric Controller Improper Privilege Management Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2017-5641
28 Dec 2017 — Previous versions of Apache Flex BlazeDS (4.7.2 and earlier) did not restrict which types were allowed for AMF(X) object deserialization by default. During the deserialization process code is executed that for several known types has undesired side-effects. Other, unknown types may also exhibit such behaviors. One vector in the Java standard library exists that allows an attacker to trigger possibly further exploitable Java deserialization of untrusted data. Other known vectors in third party libraries can ... • https://packetstorm.news/files/id/151535 • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2016-4378
https://notcve.org/view.php?id=CVE-2016-4378
26 Aug 2016 — The (1) Device Manager, (2) Tiered Storage Manager, (3) Replication Manager, (4) Replication Monitor, and (5) Hitachi Automation Director (HAD) components in HPE XP P9000 Command View Advanced Edition Software before 8.4.1-00 and XP7 Command View Advanced Edition Suite before 8.4.1-00 allow remote attackers to obtain sensitive information via unspecified vectors. Los componentes (1) Device Manager, (2) Tiered Storage Manager, (3) Replication Manager, (4) Replication Monitor y (5) Hitachi Automation Director... • http://www.securityfocus.com/bid/92649 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 1%CPEs: 8EXPL: 1CVE-2015-5255 – HP Security Bulletin HPSBST03568 1
https://notcve.org/view.php?id=CVE-2015-5255
18 Nov 2015 — Adobe BlazeDS, as used in ColdFusion 10 before Update 18 and 11 before Update 7 and LiveCycle Data Services 3.0.x before 3.0.0.354175, 3.1.x before 3.1.0.354180, 4.5.x before 4.5.1.354177, 4.6.2.x before 4.6.2.354178, and 4.7.x before 4.7.0.354178, allows remote attackers to send HTTP traffic to intranet servers via a crafted XML document, related to a Server-Side Request Forgery (SSRF) issue. Adobe BlazeDS, como se utiliza en ColdFusion 10 en versiones anteriores a Update 18 y 11 en versiones anteriores a ... • https://packetstorm.news/files/id/134506 • CWE-20: Improper Input Validation •
CVSS: 6.1EPSS: 0%CPEs: 9EXPL: 0CVE-2013-4814 – HP Security Bulletin HPSBST02919
https://notcve.org/view.php?id=CVE-2013-4814
21 Sep 2013 — Cross-site scripting (XSS) vulnerability in HP XP P9000 Command View Advanced Edition Suite Software 7.x before 7.5.0-02 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad XSS en HP XP P9000 Command View Advanced Edition Suite Software v7.x anterior a v7.5.0-02 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarias a través de vectores no especificados. A potential security vulnerability has been identified with HP XP P9000 Comm... • https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03898171 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 1%CPEs: 4EXPL: 0CVE-2012-3281
https://notcve.org/view.php?id=CVE-2012-3281
06 Feb 2013 — Unspecified vulnerability in Device Manager in HP XP P9000 Command View Advanced Edition before 7.4.0-00 allows remote attackers to cause a denial of service via unknown vectors. Vulnerabilidad no especificada en el Device Manager en HP XP P9000 Command View Advanced Edition antes v7.4.0-00 permite a atacantes remotos provocar una denegación de servicio a través de vectores desconocidos. • https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03650706 •