| CVE-2026-3960 |
critical |
9.8 |
9.8 |
|
|
|
1mo ago |
H2O-3 is Vulnerable to Code Injection |
| CVE-2024-5986 |
unknown |
— |
— |
|
|
|
4mo ago |
H2O has an External Control of File Name or Path vulnerability |
| CVE-2025-6544 |
unknown |
— |
— |
|
|
|
8mo ago |
H2O affected by a deserialization vulnerability |
| CVE-2024-8616 |
unknown |
— |
— |
|
|
|
1y ago |
H2O Vulnerable to Arbitrary File Overwrite |
| CVE-2024-8062 |
unknown |
— |
— |
|
|
|
1y ago |
H2O Vulnerable to Denial of Service (DoS) via `HEAD` Request |
| CVE-2024-7768 |
unknown |
— |
— |
|
|
|
1y ago |
H2O Vulnerable to Denial of Service (DoS) via `/3/ImportFiles` Endpoint |
| CVE-2024-7765 |
unknown |
— |
— |
|
|
|
1y ago |
H2O Vulnerable to Denial of Service (DoS) via Large GZIP Parsing |
| CVE-2024-6863 |
unknown |
— |
— |
|
|
|
1y ago |
H2O Vulnerable to Execution of Arbitrary Files |
| CVE-2024-6854 |
unknown |
— |
— |
|
|
|
1y ago |
H2O Vulnerable to Arbitrary File Overwrite via File Export |
| CVE-2024-10553 |
unknown |
— |
— |
|
|
|
1y ago |
H2O Deserialization of Untrusted Data Vulnerability |
| CVE-2024-10550 |
unknown |
— |
— |
|
|
|
1y ago |
H2O Vulnerable to Denial of Service (DoS) via `/3/ParseSetup` Endpoint |
| CVE-2024-10549 |
unknown |
— |
— |
|
|
|
1y ago |
H2O Vulnerable to Denial of Service (DoS) via `/3/Parse` Endpoint |
| CVE-2024-45758 |
unknown |
— |
— |
|
|
|
2y ago |
H2O.ai H2O vulnerable to deserialization attacks via a JDBC Connection URL |
| CVE-2024-6960 |
unknown |
— |
— |
|
|
|
2y ago |
H2O vulnerable to Deserialization of Untrusted Data |
| CVE-2023-6038 |
unknown |
— |
— |
|
|
|
3y ago |
H2O local file inclusion vulnerability |