cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-3171,https://securityvulnerability.io/vulnerability/CVE-2023-3171,Heap exhaustion via deserialization,"A vulnerability exists in EAP-7 related to the deserialization of specific classes. This flaw can allow an attacker to create malicious requests that exploit these classes, leading to resource consumption issues. As a consequence, this could exhaust the heap memory, resulting in a Denial of Service condition where legitimate users are unable to access the application or service.",Red Hat,"eap,EAP 7.4.13,Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8,Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9,Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7",7.5,HIGH,0.00215000007301569,false,false,false,false,,false,false,2023-12-27T16:15:00.000Z,0
CVE-2023-4061,https://securityvulnerability.io/vulnerability/CVE-2023-4061,Wildfly-core: management user rbac permission allows unexpected reading of system-properties to an unauthorized actor,A flaw was found in wildfly-core. A management user could use the resolve-expression in the HAL Interface to read possible sensitive information from the Wildfly system. This issue could allow a malicious user to access the system and obtain possible sensitive information from the system.,Red Hat,"Eap 7.4.13,Red Hat Jboss Enterprise Application Platform 7.4 For Rhel 8,Red Hat Jboss Enterprise Application Platform 7.4 For Rhel 9,Red Hat Jboss Enterprise Application Platform 7.4 On Rhel 7,Red Hat Jboss Enterprise Application Platform 8",6.5,MEDIUM,0.0013699999544769526,false,false,false,false,,false,false,2023-11-08T01:15:00.000Z,0