Where
-Infinity
0

Trending

Last week
Last month
Last year

oss-secCVE-2025-68493: Apache Struts: XXE vulnerability in outdated XWork component

First published (updated )
https://seclists.org/oss-sec/2026/q1/56

oss-secCVE-2025-68493: Apache Struts: XXE vulnerability in outdated XWork component

First published (updated )
https://seclists.org/oss-sec/2026/q1/52

Apache StrutsApache Struts, Apache Struts: XXE vulnerability in outdated XWork component

Risk 64
Severity
8.1
First published (updated )
CVE-2025-68493

oss-secCVE-2025-68493: Apache Struts: XXE vulnerability in outdated XWork component

First published (updated )
https://seclists.org/oss-sec/2026/q1/50

Apache StrutsApache Struts: File leak in multipart request processing causes disk exhaustion (DoS) - version ranges fixed

Risk 58
Severity
8.2
First published (updated )
CVE-2025-66675
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

oss-secCVE-2025-66675: Apache Struts: File leak in multipart quest processing causes disk exhaustion (DoS) - version ranges fixed

First published (updated )
https://seclists.org/oss-sec/2025/q4/257

Apache StrutsApache Struts: File leak in multipart request processing causes disk exhaustion (DoS)

Risk 46
Severity
7.5
First published (updated )
CVE-2025-64775

The RegisterFinal Patch Tuesday of 2023 goes out with a bang

Zeroday
First published (updated )
News
The Register

VMware Workspace One Launcher AndroidPrivilege Escalation Vulnerability

Risk 55
Severity
4.6
Zeroday
First published (updated )
CVE-2023-34064

Microsoft Windows 10Internet Connection Sharing (ICS) Remote Code Execution Vulnerability

Risk 91
Severity
8.8
Zeroday
First published (updated )
CVE-2023-35630
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Microsoft Windows 10Windows MSHTML Platform Remote Code Execution Vulnerability

Risk 87
Severity
8.1
Zeroday
First published (updated )
CVE-2023-35628

Microsoft Power PlatformMicrosoft Power Platform Connector Spoofing Vulnerability

Risk 93
Severity
9.6
Zeroday
First published (updated )
CVE-2023-36019

Microsoft Windows 10Internet Connection Sharing (ICS) Remote Code Execution Vulnerability

Risk 91
Severity
8.8
Zeroday
First published (updated )
CVE-2023-35641

Qualcomm Multiple ChipsetsUse of Out-of-range Pointer Offset in Graphics

Risk 94
Severity
8.4
Exploited
Zeroday
First published (updated )
CVE-2023-33106

Qualcomm Multiple ChipsetsInteger Overflow or Wraparound in Graphics Linux

Risk 94
Severity
8.4
Exploited
Zeroday
First published (updated )
CVE-2023-33107
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Microsoft Windows 10Speculative Leaks

Risk 55
Severity
5.5
Zeroday
First published (updated )
CVE-2023-20588

ThinuTech Thinu-cmsThinuTech ThinuCMS author_posts.php cross site scripting

Risk 55
Severity
6.1
Zeroday
First published (updated )
CVE-2023-3541

Fedoraproject FedoraXStream is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling

Risk 42
Severity
6.8
First published (updated )
CVE-2020-26259

Fedoraproject FedoraServer-Side Forgery Request can be activated unmarshalling with XStream

Risk 45
Severity
7.7
First published (updated )
CVE-2020-26258

Apache strutsMalicious File Upload

Risk 79
Severity
8.8
First published (updated )
CVE-2012-1592
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

maven/org.apache.struts:struts2-rest-pluginThe Apache Struts REST Plugin is using XStream library which is vulnerable and allow perform a DoS a…

Risk 45
Severity
7.5
First published (updated )
CVE-2018-1327

Apache strutsApache Struts Deserialization of Untrusted Data Vulnerability

Risk 92
Severity
8.1
Exploited
First published (updated )
CVE-2017-9805

Apache strutsWhen using a Spring AOP functionality to secure Struts actions it is possible to perform a DoS attac…

Risk 45
Severity
7.5
First published (updated )
CVE-2017-9787

Apache strutsApache Struts 1 Improper Input Validation Vulnerability

Risk 99
Severity
9.8
Exploited
First published (updated )
CVE-2017-9791

Apache strutsApache Struts Remote Code Execution Vulnerability

Risk 100
Severity
9.8
Exploited
First published (updated )
CVE-2017-5638
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Apache Struts 1Input Validation

Risk 18
Severity
4
First published (updated )
REDHAT-BUG-1343540

Apache Software Foundation Struts 2.5Reached end of life

EOL
Apr 30, 2024
First published (updated )
EOL-apache-struts-2.5

Apache Software Foundation Struts 2.5Reached end of life

EOL
Apr 30, 2024
First published (updated )
latest-version-apache-struts-2.5

maven/org.apache.struts.xwork:xwork-coreThe default exclude patterns (excludeParams) in Apache Struts 2.3.20 allow remote attackers to "comp…

Risk 53
Severity
7.5
First published (updated )
CVE-2015-1831

Apache strutsCookieInterceptor in Apache Struts 2.x before 2.3.20, when a wildcard cookiesName value is used, doe…

Risk 36
Severity
5.8
First published (updated )
CVE-2014-0116
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203