Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
camel vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-40167
Jetty is a Java based web server and servlet engine. Prior to versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1, Jetty accepts the `+` character proceeding the content-length value in a HTTP/1 header field. This is more permissive than allowed by the RFC and other servers routinely r...
Eclipse Jetty 12.0.0
Eclipse Jetty
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
668
VMScore
CVE-2021-3520
There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this...
Lz4 Project Lz4 1.8.3
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager -
Oracle Zfs Storage Appliance Kit 8.8
Oracle Communications Cloud Native Core Policy 1.14.0
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
NA
CVE-2023-34455
snappy-java is a fast compressor/decompressor for Java. Due to use of an unchecked chunk length, an unrecoverable fatal error can occur in versions before 1.1.10.1. The code in the function hasNextChunk in the fileSnappyInputStream.java checks if a given stream has more chunks to...
Xerial Snappy-java
578
VMScore
CVE-2022-0981
A flaw was found in Quarkus. The state and potentially associated permissions can leak from one web request to another in RestEasy Reactive. This flaw allows a low-privileged user to perform operations on the database with a different set of privileges than intended.
Quarkus Quarkus
446
VMScore
CVE-2021-43859
XStream is an open source java library to serialize objects to XML and back again. Versions before 1.4.19 may allow a remote malicious user to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of servic...
Xstream Project Xstream
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Oracle Flexcube Private Banking 12.1.0
Oracle Commerce Guided Search 11.3.2
Oracle Retail Xstore Point Of Service 16.0.6
Oracle Retail Xstore Point Of Service 17.0.4
Oracle Retail Xstore Point Of Service 18.0.3
Oracle Retail Xstore Point Of Service 19.0.2
Oracle Retail Xstore Point Of Service 20.0.1
Oracle Communications Cloud Native Core Automated Test Suite 1.9.0
Oracle Communications Policy Management 12.6.0.0.0
Oracle Communications Diameter Intelligence Hub
Oracle Communications Brm - Elastic Charging Engine 12.0.0.5.0
Oracle Communications Brm - Elastic Charging Engine
NA
CVE-2022-46363
A vulnerability in Apache CXF prior to 3.5.5 and 3.4.10 allows an malicious user to perform a remote directory listing or code exfiltration. The vulnerability only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. T...
Apache Cxf
384
VMScore
CVE-2021-3629
A flaw was found in Undertow. A potential security issue in flow control handling by the browser over http/2 may potentially cause overhead or a denial of service in the server. The highest threat from this vulnerability is availability. This flaw affects Undertow versions before...
Redhat Single Sign-on -
Redhat Jboss Enterprise Application Platform -
Redhat Wildfly Core
Redhat Integration -
Redhat Undertow
Redhat Jboss Enterprise Application Platform 7.4
Redhat Jboss Enterprise Application Platform 7.3
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager -
188
VMScore
CVE-2020-8908
A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the ...
Google Guava
Quarkus Quarkus
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Data Integrator 12.2.1.3.0
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Weblogic Server 14.1.1.0.0
Oracle Data Integrator 12.2.1.4.0
Oracle Nosql Database
Oracle Commerce Guided Search 11.3.2
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Communications Cloud Native Core Network Slice Selection Function 1.2.1
Oracle Retail Customer Management And Segmentation Foundation
Oracle Communications Pricing Design Center 12.0.0.4.0
Oracle Communications Pricing Design Center 12.0.0.5.0
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Primavera Unifier 19.12
Oracle Primavera Unifier 20.12
Oracle Communications Cloud Native Core Network Repository Function 1.14.0
Oracle Primavera Unifier 21.12
Netapp Active Iq Unified Manager -
4 Github repositories
446
VMScore
CVE-2021-40690
All versions of Apache Santuario - XML Security for Java before 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an malicious user to abuse an XP...
Apache Santuario Xml Security For Java
Apache Tomee
Apache Cxf 3.4.4
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Oracle Flexcube Private Banking 12.1.0
Oracle Agile Plm 9.3.6
Oracle Weblogic Server 12.2.1.4.0
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Outside In Technology 8.5.5
Oracle Weblogic Server 14.1.1.0.0
Oracle Retail Merchandising System 16.0.3
Oracle Retail Service Backbone 16.0.3
Oracle Retail Financial Integration 16.0.3
Oracle Retail Integration Bus 16.0.3
Oracle Commerce Guided Search 11.3.2
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Retail Service Backbone 15.0.3.1
Oracle Retail Service Backbone 14.1.3.2
Oracle Communications Messaging Server 8.1
Oracle Retail Merchandising System 19.0.1
3 Github repositories
516
VMScore
CVE-2009-0582
The ntlm_challenge function in the NTLM SASL authentication mechanism in camel/camel-sasl-ntlm.c in Camel in Evolution Data Server (aka evolution-data-server) 2.24.5 and previous versions, and 2.25.92 and previous versions 2.25.x versions, does not validate whether a certain leng...
Gnome Evolution-data-server
Gnome Evolution-data-server 2.25.92
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »