27 matches found
Apache Unomi <1.5.2 - Remote Code Execution
Apache Unomi allows conditions to use OGNL and MVEL scripting which offers the possibility to call static Java classes from the JDK that could execute code with the permission level of the running Java process. This vulnerability affects all versions of Apache Unomi prior to 1.5.2. id:...
CVE-2026-13942 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-13942
creationtimestamp| type| source ---|---|--- 2026-07-01 21:10:46+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpmgjzmiat2i 2026-07-02 07:46:44+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260702 2026-07-02 11:42:15+00:00| seen|...
Linux Distros Unpatched Vulnerability : CVE-2026-13942
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Video Capture in Google Chrome on ChromeOS prior to 150.0.7871.47 allowed a local attacker to perform UI spoofing via a crafted...
PT-2026-22281
Name of the Vulnerable Software and Affected Versions Google Chrome on ChromeOS versions prior to 150.0.7871.47 Zyxel routers affected versions not specified Description An inappropriate implementation in the Video Capture component of Google Chrome on ChromeOS allows a local attacker to perform ...
CVE-2025-13942
creationtimestamp| type| source ---|---|--- 2026-02-24 04:01:11+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mflbs327is2c 2026-02-24 05:12:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mflfrwgeqb2y 2026-02-24 06:22:11+00:00| seen|...
CVE-2019-13942
creationtimestamp| type| source ---|---|--- 2024-03-11 09:11:26+00:00| seen| https://t.me/ctinow/204529...
CVE-2017-13942
Rejected reason: This candidate is unused by its CNA...
org.apache.unomi:unomi-docker (>=1.5.0 <=1.5.1) potentially affected by CVE-2020-13942 via org.apache.unomi:unomi (>=1.5.0 <=1.5.1)
org.apache.unomi:unomi MAVEN version =1.5.0, =1.5.0, =1.5.1 Source cves: CVE-2020-13942 Source advisory: OSV:GHSA-XP5J-WJ4H-2JQ9...
Heartland OA2021 Winter Snow Edition suffers from a logic flaw vulnerability (CNVD-2022-13942)
Heartland OA is developed based on the SaaS architecture of cloud computing model to meet the needs of government cloud, industrial cloud, education cloud and other intelligent cloud platform construction. A logic flaw vulnerability exists in Heartland OA2021 Winter Snow Edition, which can be...
CVE-2018-13942
...
CVE-2018-13942
CVE-2018-13942 is rejected and does not represent an active vulnerability entry.
Exploit for Improper Input Validation in Apache Unomi
CVE-2020-13942 Run httpx or httprob on the...
Exploit for Improper Input Validation in Apache Unomi
CVE-2020-13942 Original blog post about the vulnerability: ht...
Apache Unomi Remote Code Execution(CVE-2020-13942)
A remote code execution vulnerability exists in the Apache Unomi project. The vulnerability is due to insufficient validation of OGNL and MVEL2. Successful exploitation of this vulnerability could result in execution of arbitrary code...
CVE-2020-13942 Remote Code Execution in Apache Unomi
It is possible to inject malicious OGNL or MVEL scripts into the /context.json public endpoint. This was partially fixed in 1.5.1 but a new attack vector was found. In Apache Unomi version 1.5.2 scripts are now completely filtered from the input. It is highly recommended to upgrade to the latest...
CVE-2020-13942
CVE-2020-13942 affects Apache Unomi before 1.5.2, where OGNL/MVEL-based input could lead to remote code execution via the /context.json endpoint. The root cause is unsafely evaluating scripting expressions in conditions, allowing an attacker to invoke Java classes and functions; multiple public P...
Exploit for CVE-2020-11975
Statement The vulnerability detection methods, documents, a...
CVE-2020-13942
creationtimestamp| type| source ---|---|--- 2020-11-23 03:53:17+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/2119 2020-11-23 09:45:55+00:00| published-proof-of-concept| https://t.me/cKure/2943 2020-11-24 20:46:57+00:00| seen| https://t.me/cibsecurity/16796 2023-11-22...
Exploit for Improper Input Validation in Apache Unomi
CVE-2020-13942 Run httpx or httprob on the...