Show filters
8 Total Results
Displaying 1-8 of 8
Sort by:
Attacker Value
Unknown
CVE-2023-39020
Disclosure Date: July 28, 2023 (last updated October 08, 2023)
stanford-parser v3.9.2 and below was discovered to contain a code injection vulnerability in the component edu.stanford.nlp.io.getBZip2PipedInputStream. This vulnerability is exploited via passing an unchecked argument.
0
Attacker Value
Unknown
CVE-2021-44550
Disclosure Date: February 24, 2022 (last updated February 23, 2025)
An Incorrect Access Control vulnerability exists in CoreNLP 4.3.2 via the classifier in NERServlet.java (lines 158 and 159).
0
Attacker Value
Unknown
CVE-2022-0239
Disclosure Date: January 17, 2022 (last updated February 23, 2025)
corenlp is vulnerable to Improper Restriction of XML External Entity Reference
0
Attacker Value
Unknown
CVE-2022-0198
Disclosure Date: January 13, 2022 (last updated February 23, 2025)
corenlp is vulnerable to Improper Restriction of XML External Entity Reference
0
Attacker Value
Unknown
CVE-2021-3869
Disclosure Date: October 19, 2021 (last updated February 23, 2025)
corenlp is vulnerable to Improper Restriction of XML External Entity Reference
0
Attacker Value
Unknown
CVE-2021-3878
Disclosure Date: October 15, 2021 (last updated February 23, 2025)
corenlp is vulnerable to Improper Restriction of XML External Entity Reference
0
Attacker Value
Unknown
CVE-2013-2106
Disclosure Date: December 03, 2019 (last updated November 27, 2024)
webauth before 4.6.1 has authentication credential disclosure
0
Attacker Value
Unknown
CVE-2009-2945
Disclosure Date: September 15, 2009 (last updated October 04, 2023)
weblogin/login.fcgi (aka the WebLogin login script) in Stanford University WebAuth 3.5.5, 3.6.0, and 3.6.1 places passwords in URLs in certain circumstances involving conversion of a POST request to a GET request, which allows context-dependent attackers to discover passwords by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history.
0
