Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache james vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2022-22931
Fix of CVE-2021-40525 do not prepend delimiters upon valid directory validations. Affected implementations include: - maildir mailbox store - Sieve file repository This enables a user to access other users data stores (limited to user names being prefixed by the value of the user...
Apache James 3.6.1
NA
CVE-2006-2806
The SMTP server in Apache Java Mail Enterprise Server (aka Apache James) 2.2.0 allows remote malicious users to cause a denial of service (CPU consumption) via a long argument to the MAIL command.
Apache James 2.2.0
8.1
CVSSv3
CVE-2015-7611
Apache James Server 2.3.2, when configured with file-based user repositories, allows malicious users to execute arbitrary system commands via unspecified vectors.
Apache James Server 2.3.2
1 EDB exploit
NA
CVE-2013-2172
jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java in Apache Santuario XML Security for Java 1.4.x prior to 1.4.8 and 1.5.x prior to 1.5.5 allows context-dependent malicious users to spoof an XML Signature by using the CanonicalizationMethod parameter to specify an arbitrar...
Apache Santuario Xml Security For Java 1.5.1
Apache Santuario Xml Security For Java 1.5.2
Apache Santuario Xml Security For Java 1.5.4
Apache Santuario Xml Security For Java 1.5.3
Apache Santuario Xml Security For Java 1.4.7
Apache Santuario Xml Security For Java 1.5.0
9.8
CVSSv3
CVE-2019-0228
Apache PDFBox 2.0.14 does not properly initialize the XML parser, which allows context-dependent malicious users to conduct XML External Entity (XXE) attacks via a crafted XFDF.
Apache Pdfbox 2.0.14
Apache James 3.4.0
Apache James 3.3.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Oracle Hyperion Financial Reporting 11.1.2.4
Oracle Webcenter Sites 12.2.1.3.0
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Webcenter Sites 12.2.1.4.0
Oracle Retail Xstore Point Of Service 17.0
Oracle Banking Virtual Account Management 14.3.0
Oracle Communications Messaging Server 8.1
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Retail Xstore Point Of Service 16.0.6
Oracle Retail Xstore Point Of Service 18.0.3
Oracle Hyperion Financial Reporting 11.2.6.0
Oracle Banking Trade Finance Process Management 14.2
Oracle Banking Trade Finance Process Management 14.3
Oracle Banking Trade Finance Process Management 14.5
Oracle Banking Credit Facilities Process Management 14.2
Oracle Banking Credit Facilities Process Management 14.3
Oracle Banking Credit Facilities Process Management 14.5
1 Github repository
6.1
CVSSv3
CVE-2012-3536
Two XSS vulnerabilities were fixed in message list and view in the Hupa Webmail application from the Apache James project. An attacker could send a carefully crafted email to a user of Hupa which would trigger a XSS when the email was opened or when a list of messages were viewed...
Apache Hupa
NA
CVE-2013-2153
The XML digital signature functionality (xsec/dsig/DSIGReference.cpp) in Apache Santuario XML Security for C++ (aka xml-security-c) prior to 1.7.1 allows context-dependent malicious users to reuse signatures and spoof arbitrary content via crafted Reference elements in the Signat...
Apache Xml Security For C++ 1.6.0
Apache Xml Security For C++ 1.1.0
Apache Xml Security For C++ 1.6.1
Apache Xml Security For C++ 1.2.1
Apache Xml Security For C++ 1.5.1
Apache Xml Security For C++ 1.5.0
Apache Xml Security For C++ 0.2.0
Apache Xml Security For C++ 1.3.0
Apache Xml Security For C++
Apache Xml Security For C++ 1.4.0
Apache Xml Security For C++ 1.3.1
Apache Xml Security For C++ 1.2.0
Apache Xml Security For C++ 0.1.0
NA
CVE-2013-2155
Apache Santuario XML Security for C++ (aka xml-security-c) prior to 1.7.1 does not properly validate length values, which allows remote malicious users to cause a denial of service or bypass the CVE-2009-0217 protection mechanism and spoof a signature via crafted length values to...
Apache Xml Security For C++ 1.6.0
Apache Xml Security For C++ 1.1.0
Apache Xml Security For C++ 1.6.1
Apache Xml Security For C++ 1.2.1
Apache Xml Security For C++ 1.5.1
Apache Xml Security For C++ 1.5.0
Apache Xml Security For C++ 0.2.0
Apache Xml Security For C++ 1.3.0
Apache Xml Security For C++
Apache Xml Security For C++ 1.4.0
Apache Xml Security For C++ 1.3.1
Apache Xml Security For C++ 1.2.0
Apache Xml Security For C++ 0.1.0
NA
CVE-2013-2156
Heap-based buffer overflow in the Exclusive Canonicalization functionality (xsec/canon/XSECC14n20010315.cpp) in Apache Santuario XML Security for C++ (aka xml-security-c) prior to 1.7.1 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitr...
Apache Xml Security For C++ 1.6.0
Apache Xml Security For C++ 1.1.0
Apache Xml Security For C++ 1.6.1
Apache Xml Security For C++ 1.2.1
Apache Xml Security For C++ 1.5.1
Apache Xml Security For C++ 1.5.0
Apache Xml Security For C++ 0.2.0
Apache Xml Security For C++ 1.3.0
Apache Xml Security For C++
Apache Xml Security For C++ 1.4.0
Apache Xml Security For C++ 1.3.1
Apache Xml Security For C++ 1.2.0
Apache Xml Security For C++ 0.1.0
NA
CVE-2013-2154
Stack-based buffer overflow in the XML Signature Reference functionality (xsec/dsig/DSIGReference.cpp) in Apache Santuario XML Security for C++ (aka xml-security-c) prior to 1.7.1 allows context-dependent malicious users to cause a denial of service (crash) and possibly execute a...
Apache Xml Security For C++ 1.6.0
Apache Xml Security For C++ 1.1.0
Apache Xml Security For C++ 1.6.1
Apache Xml Security For C++ 1.2.1
Apache Xml Security For C++ 1.5.1
Apache Xml Security For C++ 1.5.0
Apache Xml Security For C++ 0.2.0
Apache Xml Security For C++ 1.3.0
Apache Xml Security For C++
Apache Xml Security For C++ 1.4.0
Apache Xml Security For C++ 1.3.1
Apache Xml Security For C++ 1.2.0
Apache Xml Security For C++ 0.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »