Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (23 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-6017 1 H2o 1 H2o 2024-11-21 7.1 High
H2O included a reference to an S3 bucket that no longer existed allowing an attacker to take over the S3 bucket URL.
CVE-2023-6016 1 H2o 1 H2o 2024-11-21 9.8 Critical
An attacker is able to gain remote code execution on a server hosting the H2O dashboard through it's POJO model import feature.
CVE-2024-8862 2 H2o, H2oai 2 H2o, H2o-3 2024-09-20 7.3 High
A vulnerability, which was classified as critical, has been found in h2oai h2o-3 3.46.0.4. This issue affects the function getConnectionSafe of the file /dtale/chart-data/1 of the component JDBC Connection Handler. The manipulation of the argument query leads to deserialization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.