Filter
Versions
16.11.01
9
11.04.01
6
12.04.01
6
10.04.01
5
11.04.02
5
10.04.02
4
12.04.02
4
12.04.03
4
10.04.03
3
10.04.04
3
11.04.03
3
11.04.04
3
12.04
3
12.04.04
3
12.04.05
3
13.07
3
13.07.01
3
13.07.02
3
16.11.05
3
17.12.01
3
18.12.11
3
09.04
2
10.04
2
10.04.05
2
11.04
2
11.04.05
2
11.04.06
2
12.04.06
2
13.07.03
2
16.11.04
2
09.04.01
1
16.11.02
1
16.11.03
1
16.11.06
1
16.11.07
1
17.12.03
1
18.12.10
1
BleepingComputerCISA orders agencies to patch Linux kernel bug exploited in attacks
First published (updated )
News
BleepingComputerBleepingComputerCISA tags Microsoft .NET and Apache OFBiz bugs as exploited in attacks
First published (updated )
News
BleepingComputerApache OFBizApache OFBiz: Bypass SameSite restrictions with target redirection using URL parameters (SSTI and CSRF leading to RCE)
8.9
First published (updated )
Apache OFBizApache OFBiz: Prevent use of URLs in files when loading them from Java or Groovy, leading to a RCE
9.8
First published (updated )
Apache OFBizApache OFBiz Forced Browsing Vulnerability
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache OFBizApache OFBiz Incorrect Authorization Vulnerability
First published (updated )
Apache OFBizApache OFBiz Path Traversal Vulnerability
First published (updated )
Apache OFBizApache OFBiz: Path traversal or file inclusion
5.3
EPSS
0.05%
First published (updated )
BleepingComputerApache OFBiz RCE flaw exploited to find vulnerable Confluence servers
First published (updated )
News
BleepingComputerApache OFBizApache OFBiz: Pre-authentication Remote Code Execution (RCE) vulnerability
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache OFBizApache OFBiz: Arbitrary file properties reading and SSRF attack
7.5
First published (updated )
Apache OFBizPre-auth RCE in Apache Ofbiz 18.12.09 due to XML-RPC still present
First published (updated )
CVE-2023-46819Apache OFBiz: Execution of Solr plugin queries without authentication
5.3
First published (updated )
Apache OFBizApache OFBiz: Arbitrary file reading vulnerability
7.5
First published (updated )
Apache OFBizRegular Expression Denial of Service (ReDoS) vulnerability in Apache OFBiz
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache OFBizJava Deserialization via RMI Connection from the Solr plugin of Apache OFBiz
9.8
First published (updated )
Apache OFBizServer-Side Template Injection affecting the ecommerce plugin of Apache OFBiz
7.5
First published (updated )
Apache OFBizUnauth Path Traversal with file corruption affecting the Birt plugin of Apache OFBiz
9.8
First published (updated )
Apache OFBizUnauth Stored XSS vulnerability in the Birt plugin of Apache OFBiz
5.4
First published (updated )
Apache OFBizGeneration of Error Message Containing Sensitive Information in Apache OFBiz
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache OFBizArbitrary file upload vulnerability in OFBiz
9.8
First published (updated )
Apache OFBizUnsafe deserialization in Apache OFBiz
10
First published (updated )
Apache OFBizRCE vulnerability in latest Apache OFBiz due to Java serialisation using RMI
9.8
First published (updated )
Apache OFBizRCE vulnerability in latest Apache OFBiz due to Java serialisation using RMI
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache OFBizIDOR vulnerability in the order processing feature from ecommerce component of Apache OFBiz before 1…
5.3
First published (updated )
Apache OFBizan unauthenticated user could get access to information of some backend screens by invoking setSessi…
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.