Lucene search
K

27 matches found

Nuclei
Nuclei
added 2 days ago53 views

Apache Unomi <1.5.2 - Remote Code Execution

Apache Unomi allows conditions to use OGNL and MVEL scripting which offers the possibility to call static Java classes from the JDK that could execute code with the permission level of the running Java process. This vulnerability affects all versions of Apache Unomi prior to 1.5.2. id:...

9.8CVSS7.1AI score0.68398EPSS
Exploits9References5
Wolfi
Wolfi
added 4 days ago5 views

CVE-2026-13942 vulnerabilities

Vulnerabilities for packages: chromium...

3.3CVSS5.9AI score0.00117EPSS
Exploits0
Circl
Circl
added 2026/07/01 9:10 p.m.9 views

CVE-2026-13942

creationtimestamp| type| source ---|---|--- 2026-07-01 21:10:46+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpmgjzmiat2i 2026-07-02 07:46:44+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260702 2026-07-02 11:42:15+00:00| seen|...

3.3CVSS5.9AI score0.00117EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-13942

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Video Capture in Google Chrome on ChromeOS prior to 150.0.7871.47 allowed a local attacker to perform UI spoofing via a crafted...

3.3CVSS6.2AI score0.00117EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/26 12:0 a.m.6 views

PT-2026-22281

Name of the Vulnerable Software and Affected Versions Google Chrome on ChromeOS versions prior to 150.0.7871.47 Zyxel routers affected versions not specified Description An inappropriate implementation in the Video Capture component of Google Chrome on ChromeOS allows a local attacker to perform ...

9.8CVSS6.1AI score0.00413EPSS
Exploits0References449
Circl
Circl
added 2026/02/24 4:1 a.m.7 views

CVE-2025-13942

creationtimestamp| type| source ---|---|--- 2026-02-24 04:01:11+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mflbs327is2c 2026-02-24 05:12:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mflfrwgeqb2y 2026-02-24 06:22:11+00:00| seen|...

9.8CVSS7.9AI score0.0106EPSS
Exploits0References12
Circl
Circl
added 2024/03/11 9:11 a.m.7 views

CVE-2019-13942

creationtimestamp| type| source ---|---|--- 2024-03-11 09:11:26+00:00| seen| https://t.me/ctinow/204529...

7.5CVSS7.3AI score0.01949EPSS
Exploits0References1
NVD
NVD
added 2023/09/14 7:15 p.m.12 views

CVE-2017-13942

Rejected reason: This candidate is unused by its CNA...

6.6AI score
Exploits0
vulnersOsv
vulnersOsv
added 2022/02/10 12:30 a.m.7 views

org.apache.unomi:unomi-docker (>=1.5.0 <=1.5.1) potentially affected by CVE-2020-13942 via org.apache.unomi:unomi (>=1.5.0 <=1.5.1)

org.apache.unomi:unomi MAVEN version =1.5.0, =1.5.0, =1.5.1 Source cves: CVE-2020-13942 Source advisory: OSV:GHSA-XP5J-WJ4H-2JQ9...

9.8CVSS7.2AI score0.68398EPSS
Exploits9
CNVD
CNVD
added 2022/01/19 12:0 a.m.16 views

Heartland OA2021 Winter Snow Edition suffers from a logic flaw vulnerability (CNVD-2022-13942)

Heartland OA is developed based on the SaaS architecture of cloud computing model to meet the needs of government cloud, industrial cloud, education cloud and other intelligent cloud platform construction. A logic flaw vulnerability exists in Heartland OA2021 Winter Snow Edition, which can be...

6.8AI score
Exploits0
Cvelist
Cvelist
added 2021/11/23 7:59 p.m.11 views

CVE-2018-13942

...

Exploits0
CVE
CVE
added 2021/11/23 7:59 p.m.25 views

CVE-2018-13942

CVE-2018-13942 is rejected and does not represent an active vulnerability entry.

7.3AI score
Exploits0
GithubExploit
GithubExploit
added 2021/09/05 4:39 p.m.125 views

Exploit for Improper Input Validation in Apache Unomi

CVE-2020-13942 Run httpx or httprob on the...

9.8CVSS9.6AI score0.68398EPSS
Exploits9
GithubExploit
GithubExploit
added 2021/01/11 3:50 p.m.293 views

Exploit for Improper Input Validation in Apache Unomi

CVE-2020-13942 Original blog post about the vulnerability: ht...

10CVSS9.7AI score0.68398EPSS
Exploits9
Check Point Advisories
Check Point Advisories
added 2020/12/27 12:0 a.m.7 views

Apache Unomi Remote Code Execution(CVE-2020-13942)

A remote code execution vulnerability exists in the Apache Unomi project. The vulnerability is due to insufficient validation of OGNL and MVEL2. Successful exploitation of this vulnerability could result in execution of arbitrary code...

7.5CVSS3.8AI score0.68398EPSS
Exploits9
Cvelist
Cvelist
added 2020/11/24 6:0 p.m.19 views

CVE-2020-13942 Remote Code Execution in Apache Unomi

It is possible to inject malicious OGNL or MVEL scripts into the /context.json public endpoint. This was partially fixed in 1.5.1 but a new attack vector was found. In Apache Unomi version 1.5.2 scripts are now completely filtered from the input. It is highly recommended to upgrade to the latest...

9.4AI score0.68398EPSS
Exploits9References9
CVE
CVE
added 2020/11/24 6:0 p.m.132 views

CVE-2020-13942

CVE-2020-13942 affects Apache Unomi before 1.5.2, where OGNL/MVEL-based input could lead to remote code execution via the /context.json endpoint. The root cause is unsafely evaluating scripting expressions in conditions, allowing an attacker to invoke Java classes and functions; multiple public P...

9.8CVSS9.3AI score0.68398EPSS
In wildExploits9References9Affected Software1
GithubExploit
GithubExploit
added 2020/11/24 5:23 a.m.141 views

Exploit for CVE-2020-11975

Statement The vulnerability detection methods, documents, a...

10CVSS7.2AI score0.68398EPSS
Exploits9
Circl
Circl
added 2020/11/23 3:53 a.m.41 views

CVE-2020-13942

creationtimestamp| type| source ---|---|--- 2020-11-23 03:53:17+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/2119 2020-11-23 09:45:55+00:00| published-proof-of-concept| https://t.me/cKure/2943 2020-11-24 20:46:57+00:00| seen| https://t.me/cibsecurity/16796 2023-11-22...

9.8CVSS7AI score0.68398EPSS
In wildExploits9References7
GithubExploit
GithubExploit
added 2020/11/21 8:48 a.m.33 views

Exploit for Improper Input Validation in Apache Unomi

CVE-2020-13942 Run httpx or httprob on the...

9.8CVSS9.6AI score0.68398EPSS
Exploits9
Rows per page
Query Builder