Total: 84 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-5654 | 1 Apache | 1 Ambari | 2017-05-23 | 5.0 MEDIUM | 7.5 HIGH |
In Ambari 2.4.x (before 2.4.3) and Ambari 2.5.0, an authorized user of the Ambari Hive View may be able to gain unauthorized read access to files on the host where the Ambari server executes. | | | | | |
CVE-2016-5697 | 1 OneLogin | 1 Ruby-saml | 2017-01-25 | 5.0 MEDIUM | 7.5 HIGH |
Ruby-saml before 1.3.0 allows attackers to perform XML signature wrapping attacks via unspecified vectors. | | | | | |
CVE-2016-2932 | 1 IBM | 1 BigFix Remote Control | 2016-12-30 | 5.0 MEDIUM | 5.3 MEDIUM |
IBM BigFix Remote Control before 9.1.3 allows remote attackers to conduct XML injection attacks via unspecified vectors. | | | | | |
CVE-2013-4221 | 1 Restlet | 1 Restlet | 2016-12-07 | 7.5 HIGH | N/A |
The default configuration of the ObjectRepresentation class in Restlet before 2.1.4 deserializes objects from untrusted sources using the Java XMLDecoder, which allows remote attackers to execute arbitrary Java code via crafted XML. | | | | | |