You are here
Vulnerabilities
This site has been deprecated. New vulnerabilities concerning Airlock products are now communicated via the Airlock Vulnerability Tracking (ALVUL) on Airock Jira. For more information, visit https://techzone.ergon.ch/alvul.
To help you stay on top of the many web application vulnerabilities being reported every day, we introduce the Airlock Vulnerability Overview. Here you find a list of those vulnerabilities we consider relevant to Airlock users, including information on what their impact is and - if needed - what further steps are required to protect a system from them. New entries are added quite frequently, we recommend visiting the page often. Or even better, use the RSS feed to get proactively informed about new entries.
Airlock Vulnerability Status:
- Does not affect Airlock
- Airlock vulnerable, see resolution
- No action required
Back-end Vulnerability Status:
- Does not affect back-ends behind Airlock
- Airlock protects, requires changes in configuration
- Back-ends may be vulnerable, see resolution
- No action required
| Keywords | IDs |
Airlock Vulnerability Status |
Back-end Vulnerability Status | Updated |
|---|---|---|---|---|
| HP, HPE, iLO, hardware | CVE-2017-12542 |
|
|
2018-07-12 |
| DoS Management Interface |
|
|
2012-11-02 | |
| BEAST | CVE-2011-3389 |
|
|
2021-11-01 |
| openssl | CVE-2022-3602, CVE-2022-3786 |
|
|
2022-11-11 |
| alpaca, tls |
|
|
2021-06-24 | |
| java, cpu, Oracle Critical Patch Update | CVE-2022-32215, CVE-2022-21634, CVE-2022-21597, CVE-2022-21628, CVE-2022-21626, CVE-2022-21618, CVE-2022-39399, CVE-2022-21624, CVE-2022-21619 |
|
|
2022-11-07 |
| RC4, NSA | CVE-2013-2566 |
|
|
2013-12-16 |
| HTTP/2, DoS, Apache, httpd | CVE-2016-8740 |
|
|
2017-01-19 |
| SHA-1, Client Certificate, SHAppening, freestart, collisions |
|
|
2015-10-28 | |
| httpd | CVE-2021-44790), CVE-2021-44224 |
|
|
2022-01-03 |
| java, tomcat | CVE-2021-43980 |
|
|
2022-11-08 |
| OpenSSL, DTLS, TLS, SSL | CVE-2014-0224, CVE-2014-0221, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470, CVE-2014-0195, CVE-2014-0076 |
|
|
2014-06-10 |
| OpenSSL, Padding | CVE-2016-2108, CVE-2016-2107, CVE-2016-2105, CVE-2016-2106, CVE-2016-2109, CVE-2016-2176 |
|
|
2016-05-19 |
| OpenSSL, PSS, RSA | CVE-2015-3193, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196 |
|
|
2015-12-04 |
| httpd, Apache | CVE-2022-22719, CVE-2022-22720, CVE-2022-22720, CVE-2022-23943 |
|
|
2022-03-16 |
| open redirect, phishing, authentication service | CVE-2013-2764 |
|
|
2014-01-09 |
| RC4, TLS | CVE-2015-2808 |
|
|
2017-01-19 |
| java, cpu, Oracle Critical Patch Update | CVE-2022-0778, CVE-2022-21449, CVE-2022-21476, CVE-2022-21426, CVE-2022-21496, CVE-2022-21434, CVE-2022-21443 |
|
|
2022-04-26 |
| tomcat, information leakage, NIO | CVE-2016-8745 |
|
|
2020-08-18 |
| openssl | CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-2650, CVE-2023-1255 |
|
|
2023-06-30 |
| OpenSSL, TLS, DTLS | CVE-2013-6449, CVE-2013-4353, CVE-2013-6450, CB-K13/1074, CB-K14/0009 |
|
|
2014-01-13 |
| OpenSSL, TLS, DoS, Elliptic Curve | CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1792, CVE-2015-1791, CVE-2014-8176 |
|
|
2015-06-26 |
| curl, TLS, SSL, certificate | CVE-2016-5419, CVE-2016-5420, CVE-2016-5421 |
|
|
2017-01-19 |
| Apache, httpd, mod_deflate, DoS, Denial of Service | CVE-2014-0118 |
|
|
2014-09-08 |
| BREACH, TLS, SSL, compression | CVE-2013-3587 |
|
|
2019-10-09 |
| HEIST, TLS, SSL, compression |
|
|
2017-01-19 | |
| openssl | CVE-2014-3512, CVE-2014-3511, CVE-2014-3510, CVE-2014-3507, CVE-2014-3506, CVE-2014-3505, CVE-2014-3509, CVE-2014-5139, CVE-2014-3508 |
|
|
2017-03-13 |
| Solaris Patch Update January 2011 |
|
|
2011-01-27 | |
| linux, kernel, tcp, ack | CVE-2016-5696 |
|
|
2017-01-19 |
| SSL, TLS, OpenSSL, Client Certificate Authentication |
|
|
2015-07-09 | |
| Linux, SACK, TCP, MSS | CVE-2019-11477, CVE-2019-11478, CVE-2019-5599, CVE-2019-11479 |
|
|
2019-06-21 |
| apache, httpd, mod_rewrite, redirect | CVE-2020-1927, CVE-2019-10098 |
|
|
2020-04-07 |
| POODLE, SSLv3, OpenSSL | CVE-2014-3566 |
|
|
2014-10-20 |
| java, cpu, Oracle Critical Patch Update | CVE-2023-22043, CVE-2023-22041, CVE-2023-22051, CVE-2023-25193, CVE-2023-22044, CVE-2023-22045, CVE-2023-22049, CVE-2023-22036, CVE-2023-22006 |
|
|
2023-07-27 |
| httpd | CVE-2021-41773, CVE-2021-41524, CVE-2021-42013 |
|
|
2021-10-19 |
| SQL Injection |
|
|
2011-07-08 | |
| 4.1 SQL injections |
|
|
2008-08-29 | |
| HTTP/2, streams, DoS | CVE-2023-44487 |
|
|
2023-10-13 |
| OpenSSL, Heartbleed | CVE-2014-0160, CVE-2014-0346 |
|
|
2014-04-10 |
| Range header DOS Apache | CVE-2011-3192 |
|
|
2011-08-25 |
| memory | CVE-2016-5195 |
|
|
2017-01-19 |
| curl | CVE-2018-1000122, CVE-2018-1000121, CVE-2018-1000120 |
|
|
2018-03-15 |
| NTP | CVE-2014-9293 CVE-2014-9294 CVE-2014-9295 CVE-2014-9296 |
|
|
2017-01-19 |
| PHP-CGI | CVE-2012-1823 |
|
|
2013-01-17 |
| java, cpu, Oracle Critical Patch Update | CVE-2020-13943, CVE-2020-14792, CVE-2020-14781, CVE-2020-14782, CVE-2020-14797, CVE-2020-14779, CVE-2020-14796, CVE-2020-14798 |
|
|
2020-10-29 |
| Oracle CPU, Java, Solaris | CVE-2015-2601, CVE-2015-2613, CVE-2015-4749, CVE-2015-4748, CVE-2015-2659 |
|
|
2015-07-16 |
| "Miner" botnet |
|
|
2011-09-09 | |
| java, cpu, Oracle Critical Patch Update | CVE-2020-14803 |
|
|
2021-01-25 |
| Struts2, OGNL | S2-028, S2-029, S2-030, CVE-2016-4003, CVE-2016-0785, CVE-2016-2162 |
|
|
2016-05-03 |
| Java clientside, 1.7.0_17, 1.6.0_43 | CVE-2013-1493, CVE-2013-0809, CB-K13/0169 |
|
|
2017-01-19 |
| commons, text4shell | CVE-2022-42889 |
|
|
2022-10-21 |
| ssl, tls, DoS, OpenSSL | CVE-2016-8610 |
|
|
2017-01-19 |
| Tomcat | CVE-2020-9484 |
|
|
2020-05-25 |
| Struts2, OGNL, S2-021 | CVE-2014-0112, CVE-2014-0113 |
|
|
2014-05-14 |
| httpd | CVE-2018-1303, CVE-2018-1302, CVE-2018-1301, CVE-2018-1312, CVE-2017-15710, CVE-2017-15715, CVE-2018-1283 |
|
|
2018-03-27 |
| OpenSSL, DH, Certificate, RSA, SSL, TLS | CVE-2014-3571, CVE-2015-0206, CVE-2014-3569, CVE-2014-3572, CVE-2015-0204, CVE-2015-0205, CVE-2014-8275, CVE-2014-3570 |
|
|
2015-01-13 |
| java, cpu, Oracle Critical Patch Update | CVE-2019-2540, CVE-2018-11212, CVE-2019-2426, CVE-2019-2449, CVE-2019-2422 |
|
|
2019-01-21 |
| xss, deny rule, filter |
|
|
2015-09-24 | |
| java, cpu, Oracle Critical Patch Update | CVE-2021-23841, CVE-2021-3450, CVE-2021-2161, CVE-2021-2163 |
|
|
2021-04-23 |
| cpu, java | CVE-2016-3443, CVE-2016-0687, CVE-2016-0686, CVE-2016-3449, CVE-2016-3422, CVE-2016-3426, CVE-2016-3425, CVE-2016-3427, CVE-20 16-0695 |
|
|
2016-04-26 |
| libxslt, libpng, python, tomcat, freetype, gzip, bash | CB-K13/0207 CVE-2011-3970 CVE-2012-2807 CVE-2011-1202 CVE-2012-2825 CVE-2012-2870 CVE-2012-2871 CVE-2012-2893 CVE-2011-3026 CVE-2011-3048 CVE-2010-1634 CVE-2012-2733 CVE-2012-3546 CVE-2012-4431 CVE-2012-4534 CVE-2012-5885 CVE-2012-5886 CVE-2012-5887 |
|
|
2017-01-19 |
| OpenSSL | CVE-2016-7054, CVE-2016-7053, CVE-2016-7055 |
|
|
2017-01-19 |
| Tomcat, Cache Poisoning, Security Constraint Bypass, CORS, HTTP/2 | CVE-2017-7675, CVE-2017-7674 |
|
|
2020-08-18 |
| struts2, OGNL | CVE-2017-5638, S2-045 |
|
|
2017-03-20 |
| struts2, cookie | CVE-2014-0116, S2-022 |
|
|
2014-05-22 |
| java, cpu, Oracle Critical Patch Update | CVE-2021-29921, CVE-2021-2388, CVE-2020-28928, CVE-2021-2369, CVE-2021-2432, CVE-2021-2341 |
|
|
2021-08-04 |
| Oracle CPU, Java, Solaris | CVE-2014-6593, CVE-2014-3566, CVE-2015-0410, CVE-2015-0383, CVE-2014-6481, CVE-2003-0001, CVE-2004-0230, CVE-2015-0375, CVE-2014-6575 |
|
|
2015-01-22 |
| Apache, httpd, optionsbleed | CVE-2017-9798 |
|
|
2017-09-19 |
| httpd | CVE-2019-0190, |
|
|
2019-01-23 |
| Java, Oracle CPU, Solaris | CVE-2015-4803, CVE-2015-4893, CVE-2015-4911, CVE-2015-4868, CVE-1999-0377, CVE-2015-4869, CVE-2015-2642 |
|
|
2017-01-19 |
| httpd, apache, mod_http2, mod_auth_digest | CVE-2017-9789, CVE-2017-9788 |
|
|
2017-07-17 |
| openssl, x509 | CVE-2021-23841, CVE-2021-23839, CVE-2021-23840 |
|
|
2021-03-24 |
| OpenSSH, SunSSH, sshd, DoS | CB-K13/0190, CVE-2010-5107 |
|
|
2013-03-20 |
| httpd, apache, HttpProtocolOptions | CVE-2016-8743, CVE-2016-2161, CVE-2016-0736, CVE-2016-8740, CVE-2016-5387 |
|
|
2017-01-19 |
| java, cpu, Oracle Critical Patch Update |
|
|
2017-10-20 | |
| Struts2 | S2-052, CVE-2017-9805 |
|
|
2017-09-06 |
| ROHNP, ECDSA, DSA |
|
|
2018-07-04 | |
| GHOST, Buffer Overflow, gethostbyname | CVE-2015-0235 |
|
|
2015-01-29 |
| TLS, RSA, Bleichenbacher |
|
|
2019-01-24 | |
| Tomcat, Error Pages, PUT, DELETE | CVE-2017-5664 |
|
|
2017-06-19 |
| Struts2 | S2-031, S2-032, CVE-2016-3081, CVE-2016-3082 |
|
|
2016-05-04 |
| curl | CVE-2016-9586, CVE-2016-9952, CVE-2016-9953 |
|
|
2017-01-19 |
| php | CVE-2013-6420, CB-K13/1040 |
|
|
2013-12-16 |
| Tomcat, DoS, Denial of Service, HTTP/2 | CVE-2020-11996 |
|
|
2020-07-06 |
| HTTP/2, DoS, Apache, httpd, mod_md, Let's Encrypt | CVE-2018-1333, CVE-2018-8011 |
|
|
2018-07-19 |
| java, cpu, Oracle Critical Patch Update | CVE-2019-7317, CVE-2019-1821, CVE-2019-2818, CVE-2019-2818, CVE-2019-2818, CVE-2019-2745, CVE-2019-2745, CVE-2019-2842 CVE-2019-2786, CVE-2019-2766 |
|
|
2019-09-25 |
| cgi, proxy | CVE-2016-5385 CVE-2016-5386 CVE-2016-5387 CVE-2016-5388 CVE-2016-1000109 CVE-2016-1000110 |
|
|
2017-01-19 |
| curl, ntlm, smtp | CVE-2019-3822, CVE-2019-3823, CVE-2018-16890 |
|
|
2019-02-07 |
| ntp | CVE-2015-7691, CVE-2015-7692, CVE-2015-7701, CVE-2015-7702, CVE-2015-7703, CVE-2015-7704, CVE-2015-7705, CVE-2015-7848, CVE-2015-7849, CVE-2015-7850, CVE-2015-7851, CVE-2015-7852, CVE-2015-7853, CVE-2015-7854, CVE-2015-7855, CVE-2015-7871 |
|
|
2015-11-17 |
| java, serialization, deserialization | CVE-2015-4852 |
|
|
2015-11-12 |
| java, cpu, Oracle Critical Patch Update | CVE-2021-22959, CVE-2022-21349, CVE-2022-21291, CVE-2022-21305, CVE-2022-21277, CVE-2022-21360, CVE-2022-21365, CVE-2022-21366, CVE-2022-21282, CVE-2022-21296, CVE-2022-21299, CVE-2022-21271, CVE-2022-21283, CVE-2022-21293, CVE-2022-21294, CVE-2022-21340 |
|
|
2022-01-26 |
| CPU, RMI, Solaris, IPSec, NFS, JAX-WS | CB-K13/0276, CVE-2013-1537, CVE-2013-2415, CVE-2013-0405, CVE-2013-0406 |
|
|
2013-04-22 |
| JSON |
|
|
2022-12-15 | |
| curl | CVE-2016-9594 |
|
|
2017-01-19 |
| PHP, response-splitting | CVE-2011-1398, CB-K13/1037 |
|
|
2013-12-16 |
| java, cpu, Oracle Critical Patch Update | CVE-2017-3511, CVE-2017-3526, CVE-2017-3533, CVE-2017-3544, CVE-2017-3512, CVE-2017-3514, CVE-2017-3509, CVE-2017-3539 |
|
|
2017-04-21 |
| curl | CVE-2017-9502 |
|
|
2017-06-15 |
| java, cpu, Oracle Critical Patch Update | CVE-2018-3183, CVE-2018-3149, CVE-2018-3180, CVE-2018-3214, CVE-2018-3209, CVE-2018-3169, CVE-2018-3211, CVE-2018-3150, CVE-2018-13785, CVE-2018-3136, CVE-2018-3139 |
|
|
2020-08-18 |
| SSL, TLS, FREAK, export, ciphers | CVE-2015-0204 |
|
|
2015-03-11 |
| tomcat, cache poisoning, XSS | CVE-2016-6816, CVE-2016-8735 |
|
|
2017-06-19 |
| padding oracle | CVE-2019-1559 |
|
|
2019-06-14 |
| java, XXE, XML, fasterxml, jackson | CVE-2016-3720 |
|
|
2020-08-18 |
| openssl | CVE-2022-4304, CVE-2022-4203, CVE-2023-0215, CVE-2022-4450, CVE-2023-0216, CVE-2023-0217, CVE-2023-0401 |
|
|
2023-02-08 |
| PHPMailer, RCE, PHP, Joolma, Drupal, WordPress, PwnScriptum | CVE-2016-10033, CVE-2016-10045 |
|
|
2017-01-19 |
| OpenSSL | CVE-2017-3736, CVE-2017-3735 |
|
|
2017-11-02 |
| Tomcat, DoS, request smuggling | CVE-2014-0075, CVE-2014-0095, CVE-2014-0099 |
|
|
2014-06-18 |
| RSA, | CVE-2018-0732,CVE-2018-0737 |
|
|
2018-08-14 |
| OpenSSL | CVE-2017-3735 |
|
|
2017-08-31 |
| Tomcat, DoS, Denial of Service, HTTP/2 | CVE-2019-0199 |
|
|
2020-08-18 |
| joomla, php, user-agent | CVE-2015-8562 |
|
|
2015-12-16 |
| apache struts2 | S2-047, S2-049, CVE-2017-9787, CVE-2017-7672 |
|
|
2017-09-25 |
| HTTP, request smuggling, transfer-encoding | CVE-2020-1935, CVE-2019-17569 |
|
|
2020-03-06 |
| Apache, httpd, mod_rewrite | CVE-2013-1862, CB-K13/0146, CB-K13/0374 |
|
|
2013-07-25 |
| curl, TLS, SSL, certificate | CVE-2013-4545, CVE-2013-6422 |
|
|
2013-12-23 |
| httpd, Apache | CVE-2020-9490, CVE-2020-11984, CVE-2020-11993 |
|
|
2020-08-10 |
| Oracle CPU, Java, Solaris | CVE-2014-4225, CVE-2014-4215, CVE-2014-4224, CVE-2014-4239, CVE-2014-4264, CVE-2014-4244, CVE-2014-4263 |
|
|
2014-07-16 |
| curl, NTLM | CVE-2018-14618 |
|
|
2018-09-18 |
| tls, raccoon, dhe, ecdhe | CVE-2020-1968 |
|
|
2020-10-01 |
| Java floating point | CVE-2010-4476 |
|
|
2011-02-10 |
| httpd | CVE-2019-0211, CVE-2019-0217, CVE-2019-0215, CVE-2019-0197, CVE-2019-0220, CVE-2019-0196 |
|
|
2019-04-08 |
| OpenSSH | CVE-2016-0777, CVE-2016-0778 |
|
|
2016-01-18 |
| RCE, confluence | CVE-2022-26134 |
|
|
2022-06-08 |
| ajp, tomcat | CVE-2020-1938 i |
|
|
2021-01-26 |
| Oracle Critical Patch Update | CB-K13/0418, CVE-2013-2457, CVE-2013-1571, CVE-2013-2467, CVE-2013-2461, CVE-2013-2407, CVE-2013-2451 |
|
|
2013-06-20 |
| OpenSSL, ECDSA, P-256 | CVE-2016-7056 |
|
|
2017-03-10 |
| curl | CVE-2017-8818, CVE-2017-8817, CVE-2017-8816 |
|
|
2017-11-30 |
| OpenSSL |
|
|
2020-12-10 | |
| Tomcat, Open Redirect | CVE-2018-11784 |
|
|
2020-08-18 |
| IIS, Buffer Overflow | CVE-2015-1635, MS15-034 |
|
|
2017-11-29 |
| rds, use-after-free | CVE-2019-11815 |
|
|
2019-05-16 |
| keychain, use-after-free | CVE-2016-0728 |
|
|
2016-01-21 |
| go | CVE-2023-29402, CVE-2023-29403, CVE-2023-29404, CVE-2023-29405 |
|
|
2023-06-20 |
| OpenSSL | CVE-2017-3731, CVE-2017-3730, CVE-2017-3732, CVE-2016-7055 |
|
|
2017-03-10 |
| java, cpu, Oracle Critical Patch Update | CVE-2020-14664, CVE-2020-14583, CVE-2020-14593, CVE-2020-14562, CVE-2020-14621, CVE-2020-14556, CVE-2020-14573, CVE-2020-14581, CVE-2020-14578, CVE-2020-14579, CVE-2020-14577 |
|
|
2020-08-07 |
| dirty cow | CVE-2017-1000405 |
|
|
2017-12-06 |
| OpenSSL, ECDSA |
|
|
2018-10-30 | |
| Oracle CPU, Java, Solaris | CVE-2015-0469 CVE-2015-0459 CVE-2015-0491 CVE-2015-0460 CVE-2015-0492 CVE-2015-0458 CVE-2015-0484 CVE-2015-0480 CVE-2015-0486 CVE-2015-0477 CVE-2015-0470 CVE-2015-0488 CVE-2015-0478 CVE-2015-0204 CVE-2015-2578 CVE-2014-3566 CVE-2015-0452 CVE-2015-2577 |
|
|
2017-01-19 |
| OpenSSL | CVE-2010-0742 |
|
|
2010-08-01 |
| curl, TFTP | CVE-2019-5435, CVE-2019-5436 |
|
|
2019-05-23 |
| Java, JAXP, SLOTH | CVE-2016-0728, CVE-2016-0494, CVE-2015-8126, CVE-2016-0402, CVE-2016-0448, CVE-2016-0483, CVE-2016-0466, CVE-2015-7575 |
|
|
2016-01-21 |
| php, nullbyte | CVE-2015-4025 |
|
|
2015-06-11 |
| c_rehash, openssl | CVE-2022-2068 |
|
|
2022-06-30 |
| libcurl | CVE-2013-2174, CB-K13/0425 |
|
|
2013-06-28 |
| java, cpu, Oracle Critical Patch Update | CVE-2016-2183, CVE-2016-5547, CVE-2016-5552, CVE-2017-3252, CVE-2017-3253, CVE-2016-5546, CVE-2017-3241, CVE-2017-3289, CVE-2017-3272, CVE-2017-3260, CVE-2016-5549, CVE-2016-5548, CVE-2017-3231, CVE-2017-3261, CVE-2017-3259, CVE-2017-3262, CVE-2016-8328 |
|
|
2017-03-10 |
| OpenSSL |
|
|
2017-12-07 | |
| PDF UXSS |
|
|
2007-03-15 | |
| OpenSSL, DSA |
|
|
2018-10-31 | |
| curl, NTLM | CVE-2015-3144, CVE-2015-3145, CVE-2015-3148, CVE-2015-3143 |
|
|
2015-04-23 |
| OpenSSL, TLS, Zombie POODLE and GOLDENDOODLE | CVE-2019-6593 |
|
|
2019-06-20 |
| OpenSSL, DH, SSLv2 | CVE-2016-0701, CVE-2015-3197 |
|
|
2016-01-29 |
| Tomcat, DoS, CSRF, FORM authentication | CVE-2012-4534, CVE-2012-4431, CVE-2012-3546 |
|
|
2013-01-08 |
| curl | CVE-2022-32208, CVE-2022-32207, CVE-2022-32206, CVE-2022-32205 |
|
|
2022-07-05 |
| Oracle Critical Patch Update, CPU, Solaris | CB-K13/0470, CVE-2013-3753, CVE-2013-3748, CVE-2013-3750, CVE-2013-3765, CVE-2013-3797, CVE-2013-3787, CVE-2013-3754, CVE-2013-3746, CVE-2013-3754, CVE-2013-3746, CVE-2013-0398, CVE-2013-0398, CVE-2013-0398, CVE-2013-0398, CVE-2013-3745, CVE-2013-3773 |
|
|
2013-07-19 |
| SQL, AWS |
|
|
2023-06-30 | |
| curl | CVE-2017-2629 |
|
|
2017-03-10 |
| Tomcat, Session Fixation | CVE-2014-0033 |
|
|
2014-03-12 |
| Struts2, JSON | CVE-2017-15707 |
|
|
2017-12-08 |
| java | CVE-2016-0636 |
|
|
2016-04-14 |
| libcurl, NTLM | CVE-2014-0015 |
|
|
2014-02-03 |
| curl, SASL | CVE-2018-16839, CVE-2018-16840, CVE-2018-16842 |
|
|
2018-11-02 |
| OpenSSL, ASN.1 |
|
|
2018-03-27 | |
| curl, NTLM | CVE-2016-0755, CVE-2016-0754 |
|
|
2016-02-01 |
| Java clientside | CVE-2012-3174, CVE-2013-0422, CB-K13/0036 |
|
|
2013-01-17 |
| openssl | CVE-2022-2097, CVE-2022-2274 |
|
|
2022-07-07 |
| 3DES, SSL, TLS, SWEET32, SWEET | CVE-2016-2183 |
|
|
2017-01-19 |
| Apache, httpd, mod_dav | CVE-2013-1896 |
|
|
2013-07-26 |
| nghttp2, envoy, Apache | CVE-2023-35945 |
|
|
2023-07-19 |
| struts2, OGNL, S2-020 | CVE-2014-0094 |
|
|
2018-08-25 |
| ROBOT, RSA, Bleichenbacher, DROWN |
|
|
2019-01-23 | |
| Oracle CPU, Java, Solaris | CVE-2014-6508, CVE-2014-6508, CVE-2014-6468, CVE-2014-6517, CVE-2014-6512, CVE-2014-6457, CVE-2014-6558 |
|
|
2014-10-17 |
| curl | CVE-2017-1000101, CVE-2017-1000100, CVE-2017-1000099 |
|
|
2017-08-15 |
| ECC, DSA | CVE-2018-5407, CVE-2018-0734 |
|
|
2018-11-22 |
| TLS, SSL, DH, CVE-2015-4000 |
|
|
2015-05-21 | |
| Oracle Critical Patch Update, CPU, Java, Solaris | CVE-2013-5907, CVE-2013-5907, CVE-2014-0411, CVE-2014-0411, CVE-2013-5821, CVE-2014-0390, CVE-2013-5872, CB-K14/0052, CB-K14/0053 |
|
|
2014-01-16 |
| Apache, Tomcat, HTTP/2 | CVE-2019-10072 |
|
|
2019-06-24 |
| OAuth 2.0, OAuth, OpenID Connect, 307 Redirect Attack, IdP Mix-Up Attack |
|
|
2020-08-18 | |
| Oracle Critical Patch Update | CVE-2013-0400, CVE-2013-0399, CVE-2013-0415, CVE-2013-0407, CVE-2012-0599, CB-K13/0047 |
|
|
2013-01-17 |
| http2 | CVE-2021-33193 |
|
|
2021-09-02 |
| Apache, httpd, mod_session_dbd | CVE-2013-2249, CB-K13/0459 |
|
|
2013-07-26 |
| OpenSSL |
|
|
2020-04-22 | |
| httpd, mod_dav, mod_log_config | CVE-2013-6438, CVE-2014-0098 |
|
|
2014-04-17 |
| meltdown, spectre, L1 Terminal Fault | CVE-2017-5753, CVE-2017-5715, CVE-2017-5754, CVE-2018-3620, CVE-2018-3646 |
|
|
2018-08-20 |
| npm, event-stream, malicious code |
|
|
2020-08-18 | |
| stunnel | CVE-2015-3644 |
|
|
2015-05-22 |
| padding oracle | CVE-2019-1547, CVE-2019-1549, CVE-2019-1563 |
|
|
2020-04-21 |
| Tomcat, Host Manager | CVE-2015-5346, CVE-2015-5351, CVE-2016-0706, CVE-2016-0714, CVE-2016-0763, CVE-2015-5345, CVE-2016-0729 |
|
|
2016-03-03 |
| Java | CB-K13/0083, CVE-2013-0437, CVE-2013-1478, CVE-2013-0442, CVE-2013-0445, CVE-2013-1480, CVE-2013-0440, CVE-2013-0443, ... |
|
|
2013-02-04 |
| sasl, cyrus | CVE-2022-24407 |
|
|
2022-07-29 |
| httpd, mod_proxy | CVE-2021-33193, CVE-2021-34798, CVE-2021-36160, CVE-2021-39275, CVE-2021-40438 |
|
|
2021-10-04 |
| struts2, DMI | CVE-2013-2248, CVE-2013-4310, CVE-2013-4316, S2-017, S2-018, S2-019 |
|
|
2013-10-01 |
| go | CVE-2023-39318, CVE-2023-39319, CVE-2023-39320, CVE-2023-39321, CVE-2023-39322 |
|
|
2023-09-20 |
| Tomcat, Remote Code Execution | CVE-2017-12616, CVE-2017-12615, CVE-2017-8045, CVE-2017-12617 |
|
|
2020-08-18 |
| openssl, stunnel, ECDSA, DSA | CVE-2014-0076, CVE-2014-0016 |
|
|
2014-03-26 |
| curl | CVE-2018-1000005, CVE-2018-1000007 |
|
|
2018-01-30 |
| Kerberos, KDC | CVE-2014-6324, MS14-068 |
|
|
2014-11-24 |
| Struts2 | CVE-2015-1831, CB-K15/0640, S2-024 |
|
|
2015-05-27 |
| OpenSSL | CVE-2017-3733 |
|
|
2017-03-10 |
| Randomness, RNG, PRNG | CVE-2019-16303 |
|
|
2020-08-18 |
| OpenSSL, SSLv2, SSLv3, CacheBleed, Drown Attack | CVE-2016-0800, CVE-2016-0705, CVE-2016-0798, CVE-2016-0797, CVE-2016-0799, CVE-2016-0702, CVE-2016-0703, CVE-2016-0704, CVE-2016-0701. CVE-2015-3197 |
|
|
2016-03-01 |
| libcurl, buffer overflow | CVE-2013-0249 |
|
|
2013-02-11 |
| exchange, ssrf, rce | CVE-2022-41040, CVE-2022-41082 |
|
|
2022-10-04 |
| java, cpu | CVE-2016-5556, CVE-2016-5568, CVE-2016-5582, CVE-2016-5573, CVE-2016-5597, CVE-2016-5554, CVE-2016-5542 |
|
|
2017-01-19 |
| Java | CB-K13/0803, CVE-2013-5830, CVE-2013-5780, CVE-2013-5823, CVE-2013-5802,CVE-2013-5825, CVE-2013-4002 |
|
|
2013-10-18 |
| java, cpu, Oracle Critical Patch Update | CVE-2020-2803, CVE-2020-2805, CVE-2019-18197, CVE-2020-2816, CVE-2020-2781, CVE-2020-2767, CVE-2020-2778, CVE-2020-2830, CVE-2020-2800, CVE-2020-2764, CVE-2020-2754, CVE-2020-2755, CVE-2020-2773, CVE-2020-2756, CVE-2020-2757 |
|
|
2020-04-17 |
| Tomcat, Security Constraint Bypass | CVE-2018-1305, CVE-2018-1304 |
|
|
2020-08-18 |
| SAML, SSO, Impersonation, Authentication Bypass | CVE-2017-11427, CVE-2017-11428, CVE-2017-11429, CVE-2017-11430, CVE-2018-0489, CVE-2018-7340 |
|
|
2020-08-18 |
| OpenSSL, TLS, POODLE | CVE-2014-8730 |
|
|
2014-12-10 |
| httpd, apache, mod_http2, mod_ssl, mod_mine | CVE-2017-7659, CVE-2017-3169, CVE-2017-7679, CVE-2017-7668, CVE-2017-3167 |
|
|
2017-06-21 |
| OpenSSL, ChaCha20-Poly1305 | CVE-2019-1543 |
|
|
2019-03-07 |
| Struts2 | S2-048, CVE-2017-9791 |
|
|
2017-07-17 |
| java, cpu, Oracle Critical Patch Update | CVE-2019-2949, CVE-2019-2989, CVE-2019-2958, CVE-2019-11068, CVE-2019-2977, CVE-2019-2975CVE-2019-2999, CVE-2019-2996, CVE-2019-2987, CVE-2019-2962, CVE-2019-2988, CVE-2019-2992, CVE-2019-2964, CVE-2019-2973, CVE-2019-2981, CVE-2019-2978, CVE-2019-2894 |
|
|
2019-10-23 |
| struts2, xml, ognl | S2-050, S2-051, CVE-2017-9793, CVE-2017-9804, CVE-2017-12611 |
|
|
2017-09-26 |
| mod_dav, libexpat, xml | CVE-2022-40674 |
|
|
2022-10-18 |
| Oracle Critical Patch Update, CPU, Solaris | CVE-2013-5866, CVE-2013-5863, CVE-2013-5865, CVE-2013-5861, CVE-2013-5862, CVE-2013-5864, CVE-2013-5839, CVE-2013-3842, CVE-2013-3837 |
|
|
2013-10-18 |
| curl | CVE-2023-38545, CVE-2023-38546 |
|
|
2023-10-12 |
| java, cpu, Oracle Critical Patch Update | CVE-2020-2604, CVE-2019-16168, CVE-2019-13117, CVE-2019-13118, CVE-2020-2601, CVE-2020-2585, CVE-2020-2655, CVE-2020-2593, CVE-2020-2654, CVE-2020-2590, CVE-2020-2659, CVE-2020-2583 |
|
|
2020-08-18 |
| Oracle Critical Patch Update, CPU, Java, Solaris | CVE-2014-0457, CVE-2014-0453, CVE-2014-0447, CVE-2014-0442, CVE-2014-0421 |
|
|
2014-04-17 |
| RC4, stream ciphers, SSL, TLS, BEAST, Lucky 13 | CVE-2013-2566 |
|
|
2013-03-28 |
| TLS, OpenSSL, Lucky Thirteen | CVE-2013-0169, CVE-2012-2686, CVE-2013-0166 |
|
|
2013-02-06 |
| libxml2, HTML parser | CVE-2013-1969 |
|
|
2013-04-29 |
| httpd, Apache | CVE-2006-20001, CVE-2022-36760, CVE-2022-37436, CVE-2023-25690, CVE-2023-27522 |
|
|
2023-03-21 |
| tomcat, DOS, Header Length | CVE-2012-2733 |
|
|
2012-11-07 |
| stack clash, memory, Linux | CVE-2017-1000364, CVE-2017-1000365, CVE-2017-1000367 |
|
|
2017-06-21 |
| httpd, Apache | CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30522, CVE-2022-30556, CVE-2022-31813 |
|
|
2022-06-16 |
| Struts2, OGNL | S2-014, S2-015, S2-016, CB-K13/0388, CB-K13/0484, CVE-2013-1966, CVE-2013-2135, CVE-2013-2135, CVE-2013-2115, CVE-2013-2251 |
|
|
2013-08-14 |
| GNU libc | CVE-2010-4756, CVE-2018-20796, CVE-2019-9192, CVE-2019-1010022, CVE-2019-1010023, CVE-2019-1010024, CVE-2019-1010025 |
|
|
2023-06-06 |
| Tomcat, Request Smuggling | CVE-2013-4286 |
|
|
2014-03-10 |
| java, cpu, Oracle Critical Patch Update | CVE-2022-34169, CVE-2022-25647, CVE-2022-21541, CVE-2022-21540, CVE-2022-21549 |
|
|
2022-07-20 |
| Tomcat, DoS | CVE-2014-0050 |
|
|
2014-02-21 |
| exchange, HAFNIUM, cookie store | CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065 |
|
|
2021-03-10 |
| Java CPU February 2013, Lucky Thirteen | CVE-2013-0169 |
|
|
2013-02-20 |
