Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
camel vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-0194
Apache Camel's File is vulnerable to directory traversal. Camel 2.21.0 to 2.21.3, 2.22.0 to 2.22.2, 2.23.0 and the unsupported Camel 2.x (2.19 and previous versions) versions may be also affected.
Apache Camel
Apache Camel 2.23.0
5
CVSSv2
CVE-2018-8041
Apache Camel's Mail 2.20.0 up to and including 2.20.3, 2.21.0 up to and including 2.21.1 and 2.22.0 is vulnerable to path traversal.
Apache Camel
Apache Camel 2.22.0
5
CVSSv2
CVE-2016-10727
camel/providers/imapx/camel-imapx-server.c in the IMAPx component in GNOME evolution-data-server prior to 3.21.2 proceeds with cleartext data containing a password if the client wishes to use STARTTLS but the server will not use STARTTLS, which makes it easier for remote maliciou...
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Gnome Evolution
5
CVSSv2
CVE-2015-0264
Multiple XML external entity (XXE) vulnerabilities in builder/xml/XPathBuilder.java in Apache Camel prior to 2.13.4 and 2.14.x prior to 2.14.2 allow remote malicious users to read arbitrary files via an external entity in an invalid XML (1) String or (2) GenericFile object in an ...
Apache Camel 2.14.0
Apache Camel
Apache Camel 2.14.1
5
CVSSv2
CVE-2015-0263
XML external entity (XXE) vulnerability in the XML converter setup in converter/jaxp/XmlConverter.java in Apache Camel prior to 2.13.4 and 2.14.x prior to 2.14.2 allows remote malicious users to read arbitrary files via an external entity in an SAXSource.
Apache Camel 2.14.0
Apache Camel
Apache Camel 2.14.1
5
CVSSv2
CVE-2005-2364
Unknown vulnerability in the (1) GIOP dissector, (2) WBXML, or (3) CAMEL dissector in Ethereal 0.8.20 up to and including 0.10.11 allows remote malicious users to cause a denial of service (application crash) via certain packets that cause a null pointer dereference.
Ethereal Group Ethereal 0.10.1
Ethereal Group Ethereal 0.9.2
Ethereal Group Ethereal 0.9.6
Ethereal Group Ethereal 0.8.20
Ethereal Group Ethereal 0.10.10
Ethereal Group Ethereal 0.9.5
Ethereal Group Ethereal 0.10.2
Ethereal Group Ethereal 0.9.14
Ethereal Group Ethereal 0.9.0
Ethereal Group Ethereal 0.9.15
Ethereal Group Ethereal 0.9.10
Ethereal Group Ethereal 0.9.8
Ethereal Group Ethereal 0.10.3
Ethereal Group Ethereal 0.10.4
Ethereal Group Ethereal 0.10.7
Ethereal Group Ethereal 0.9.16
Ethereal Group Ethereal 0.10.11
Ethereal Group Ethereal 0.10.5
Ethereal Group Ethereal 0.10.0
Ethereal Group Ethereal 0.9.3
Ethereal Group Ethereal 0.9.13
Ethereal Group Ethereal 0.9.9
5
CVSSv2
CVE-2002-1471
The camel component for Ximian Evolution 1.0.x and previous versions does not verify certificates when it establishes a new SSL connection after previously verifying a certificate, which could allow remote malicious users to monitor or modify sessions via a man-in-the-middle atta...
Ximian Evolution 1.0.7
Ximian Evolution 1.0.3
Ximian Evolution 1.0.4
Ximian Evolution 1.0.5
Ximian Evolution 1.0.6
Ximian Evolution 1.0.8
4.3
CVSSv2
CVE-2021-3629
A flaw was found in Undertow. A potential security issue in flow control handling by the browser over http/2 may potentially cause overhead or a denial of service in the server. The highest threat from this vulnerability is availability. This flaw affects Undertow versions before...
Redhat Single Sign-on -
Redhat Jboss Enterprise Application Platform -
Redhat Wildfly Core
Redhat Integration -
Redhat Undertow
Redhat Jboss Enterprise Application Platform 7.4
Redhat Jboss Enterprise Application Platform 7.3
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager -
4.3
CVSSv2
CVE-2021-22569
An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious payload can occupy the parser for several minutes by creating large numbers of short-lived objects that cause fre...
Google Protobuf-kotlin
Google Protobuf-java
Google Google-protobuf
Oracle Communications Cloud Native Core Console 1.9.0
Oracle Communications Cloud Native Core Policy 1.15.0
Oracle Communications Cloud Native Core Network Repository Function 1.15.0
Oracle Communications Cloud Native Core Network Repository Function 1.15.1
Oracle Spatial And Graph Mapviewer 21c
Oracle Spatial And Graph Mapviewer 19c
1 Github repository
4.3
CVSSv2
CVE-2021-38153
Some components in Apache Kafka use `Arrays.equals` to validate a password or key, which is vulnerable to timing attacks that make brute force attacks for such credentials more likely to be successful. Users should upgrade to 2.8.1 or higher, or 3.0.0 or higher where this vulnera...
Apache Kafka
Apache Kafka 2.8.0
Quarkus Quarkus
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier 19.12
Oracle Primavera Unifier 20.12
Oracle Primavera Unifier 21.12
Oracle Financial Services Enterprise Case Management 8.0.8.1
Oracle Financial Services Enterprise Case Management 8.1.1.0
Oracle Financial Services Enterprise Case Management 8.1.1.1
Oracle Financial Services Behavior Detection Platform 8.1.2.0
Oracle Financial Services Behavior Detection Platform 8.1.1.1
Oracle Financial Services Behavior Detection Platform 8.1.1.0
Oracle Financial Services Enterprise Case Management 8.0.7.1
Oracle Financial Services Enterprise Case Management 8.0.8.0
Oracle Financial Services Behavior Detection Platform
Oracle Communications Cloud Native Core Policy 1.15.0
Oracle Financial Services Enterprise Case Management 8.0.7.2
Oracle Financial Services Analytical Applications Infrastructure
Oracle Communications Brm - Elastic Charging Engine 12.0.0.5.0
Oracle Communications Brm - Elastic Charging Engine
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »