Every CVE whose affected-product data names Caucho Resin, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2021-44138 — CVSS 7.5 (high): There is a Directory traversal vulnerability in Caucho Resin, as distributed in Resin 4.0.52 - 4.0.56, which allows remote attackers to…
CVE-2012-2965 — CVSS 7.5 (high): Caucho Quercus, as distributed in Resin before 4.0.29, does not properly handle unspecified characters in the names of variables, which has…
CVE-2012-2966 — CVSS 7.5 (high): Caucho Quercus, as distributed in Resin before 4.0.29, overwrites entries in the SERVER superglobal array on the basis of POST parameters…
CVE-2012-2967 — CVSS 7.5 (high): Caucho Quercus, as distributed in Resin before 4.0.29, does not properly implement the == (equals sign equals sign) operator for…
CVE-2012-2969 — CVSS 6.4 (medium): Caucho Quercus, as distributed in Resin before 4.0.29, allows remote attackers to bypass intended restrictions on filename extensions for…
CVE-2014-2966 — CVSS 5.0 (medium): The ISO-8859-1 encoder in Resin Pro before 4.0.40 does not properly perform Unicode transformations, which allows remote attackers to…
CVE-2004-0281 — CVSS 5.0 (medium): Caucho Technology Resin 2.1.12 allows remote attackers to gain sensitive information and view the contents of the /WEB-INF/ directory via…
CVE-2012-2968 — CVSS 5.0 (medium): Directory traversal vulnerability in Caucho Quercus, as distributed in Resin before 4.0.29, allows remote attackers to create files in…
CVE-2008-2462 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the viewfile documentation command in Caucho Resin before 3.0.25, and 3.1.x before 3.1.4…
CVE-2010-2032 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in resin-admin/digest.php in Caucho Technology Resin Professional 3.1.5, 3.1.10, 4.0.6…