Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache ant vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-22602
When using Apache Shiro prior to 1.11.0 together with Spring Boot 2.6+, a specially crafted HTTP request may cause an authentication bypass. The authentication bypass occurs when Shiro and Spring Boot are using different pattern-matching techniques. Both Shiro and Spring Boot <...
Apache Shiro
Vmware Spring Boot 2.6.0
6.3
CVSSv3
CVE-2020-1945
Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory bac...
Apache Ant
Canonical Ubuntu Linux 19.10
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.2
Oracle Flexcube Investor Servicing 12.3.0
Oracle Flexcube Investor Servicing 12.1.0
Oracle Flexcube Private Banking 12.1.0
Oracle Primavera Unifier 16.2
Oracle Retail Integration Bus 14.1
Oracle Flexcube Private Banking 12.0.0
Oracle Retail Store Inventory Management 14.1
Oracle Primavera Unifier 16.1
Oracle Enterprise Repository 11.1.1.7.0
Oracle Retail Service Backbone 15.0
Oracle Retail Integration Bus 15.0
Oracle Retail Back Office 14.1
Oracle Retail Back Office 14.0
Oracle Utilities Framework 4.2.0.3.0
Oracle Utilities Framework 4.2.0.2.0
Oracle Utilities Framework 2.2.0.0.0
Oracle Flexcube Investor Servicing 12.4.0
7.5
CVSSv3
CVE-2020-11979
As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. Unfortunately the fixcrlf task deleted the temporary file and created a new one without said protection, effectively n...
Apache Ant 1.10.8
Gradle Gradle
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Oracle Flexcube Private Banking 12.1.0
Oracle Primavera Unifier 16.2
Oracle Banking Platform 2.4.0
Oracle Flexcube Private Banking 12.0.0
Oracle Api Gateway 11.1.2.4.0
Oracle Banking Platform 2.4.1
Oracle Primavera Unifier 16.1
Oracle Enterprise Repository 11.1.1.7.0
Oracle Retail Predictive Application Server 14.1
Oracle Banking Platform 2.6.2
Oracle Primavera Unifier 18.8
Oracle Data Integrator 12.2.1.3.0
Oracle Primavera Unifier
Oracle Utilities Framework 4.3.0.5.0
Oracle Utilities Framework 4.3.0.6.0
Oracle Utilities Framework 4.4.0.0.0
Oracle Communications Unified Inventory Management 7.4.0
NA
CVE-2018-10886
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: this candidate is not about any specific product, protocol, or design, that falls into the scope of the assigning CNA. Notes: None
5.5
CVSSv3
CVE-2021-36374
When reading a specially crafted ZIP archive, or a derived formats, an Apache Ant build can be made to allocate large amounts of memory that leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Commonly used derived formats ...
Apache Ant
Oracle Retail Store Inventory Management 14.1
Oracle Enterprise Repository 11.1.1.7.0
Oracle Retail Back Office 14.1
Oracle Retail Back Office 14.0
Oracle Utilities Framework 4.2.0.3.0
Oracle Utilities Framework 4.2.0.2.0
Oracle Retail Central Office 14.0
Oracle Retail Central Office 14.1
Oracle Primavera Unifier 18.8
Oracle Retail Point-of-service 14.1
Oracle Retail Point-of-service 14.0
Oracle Retail Predictive Application Server 15.0.3
Oracle Primavera Unifier
Oracle Utilities Framework 4.4.0.0.0
Oracle Agile Plm 9.3.6
Oracle Communications Unified Inventory Management 7.4.0
Oracle Retail Store Inventory Management 16.0
Oracle Primavera Unifier 19.12
Oracle Utilities Framework
Oracle Utilities Framework 4.4.0.2.0
Oracle Communications Unified Inventory Management 7.3.0
5.5
CVSSv3
CVE-2021-36373
When reading a specially crafted TAR archive an Apache Ant build can be made to allocate large amounts of memory that finally leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Apache Ant before 1.9.16 and 1.10.11 were aff...
Apache Ant
Oracle Retail Store Inventory Management 14.1
Oracle Enterprise Repository 11.1.1.7.0
Oracle Retail Back Office 14.1
Oracle Retail Back Office 14.0
Oracle Utilities Framework 4.2.0.3.0
Oracle Utilities Framework 4.2.0.2.0
Oracle Retail Central Office 14.0
Oracle Retail Central Office 14.1
Oracle Primavera Unifier 18.8
Oracle Retail Point-of-service 14.1
Oracle Retail Point-of-service 14.0
Oracle Retail Predictive Application Server 15.0.3
Oracle Primavera Unifier
Oracle Utilities Framework 4.4.0.0.0
Oracle Agile Plm 9.3.6
Oracle Communications Unified Inventory Management 7.4.0
Oracle Retail Store Inventory Management 16.0
Oracle Primavera Unifier 19.12
Oracle Utilities Framework
Oracle Utilities Framework 4.4.0.2.0
Oracle Communications Unified Inventory Management 7.3.0
NA
CVE-2024-32656
Ant Media Server is live streaming engine software. A local privilege escalation vulnerability in present in versions 2.6.0 up to and including 2.8.2 allows any unprivileged operating system user account to escalate privileges to the root user account on the system. This vulnerab...
7.5
CVSSv3
CVE-2021-35517
When reading a specially crafted TAR archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' tar pack...
Apache Commons Compress
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager -
Oracle Webcenter Portal 12.2.1.3.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Banking Digital Experience 19.1
Oracle Flexcube Universal Banking
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Primavera Unifier 19.12
Oracle Webcenter Portal 12.2.1.4.0
Oracle Banking Digital Experience 19.2
Oracle Banking Digital Experience 20.1
Oracle Primavera Unifier 20.12
Oracle Business Process Management Suite 12.2.1.4.0
Oracle Communications Messaging Server 8.1
Oracle Commerce Guided Search 11.3.2
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Insurance Policy Administration 11.3.0
Oracle Insurance Policy Administration 11.0.2
7.5
CVSSv3
CVE-2021-36090
When reading a specially crafted ZIP archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' zip pack...
Apache Commons Compress
Oracle Webcenter Portal 12.2.1.3.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Banking Platform 2.6.2
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Communications Unified Inventory Management 7.4.0
Oracle Banking Digital Experience 19.1
Oracle Flexcube Universal Banking
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Primavera Unifier 19.12
Oracle Webcenter Portal 12.2.1.4.0
Oracle Banking Digital Experience 19.2
Oracle Banking Digital Experience 20.1
Oracle Banking Platform 2.7.1
Oracle Banking Platform 2.9.0
Oracle Primavera Unifier 20.12
Oracle Business Process Management Suite 12.2.1.4.0
Oracle Communications Messaging Server 8.1
Oracle Commerce Guided Search 11.3.2
Oracle Peoplesoft Enterprise Peopletools 8.59
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started