MAL-2025-38647 Malicious code in vrt3fg (npm)

The package vrt3fg was found to contain malicious code...

SUSE CVE-2023-38647

An attacker can use SnakeYAML to deserialize java.net.URLClassLoader and make it load a JAR from a specified URL, and then deserialize javax.script.ScriptEngineManager to load code using that ClassLoader. This unbounded deserialization can likely lead to remote code execution. The code can be run...

CVE-2024-38647

creationtimestamp| type| source ---|---|--- 2024-11-26 17:52:20+00:00| seen| https://t.me/itsecnews/4826...

Exploit for CVE-2021-38647

CVE-2021-38647 AKA "OMIGOD" A Zeek package which detects CVE-2...

CVE-2023-38647

creationtimestamp| type| source ---|---|--- 2023-07-26 12:28:29+00:00| seen| https://t.me/cibsecurity/67293...

com.facebook.presto.pinot:pinot-driver (>=0.1.1 <=0.1.2), com.facebook.presto:presto-pinot (>=0.229 <=0.295) +346 more potentially affected by CVE-2023-38647 via org.apache.helix:helix-core (>=0.6.5 <=1.2.0)

org.apache.helix:helix-core MAVEN version =0.6.5, =0.1.1, =0.229, =0.229, =0.229, =0.238, =0.0.2-snapshot, =0.6.0, =334, =351, =448 - org.apache.bookkeeper.tests:stream-storage-integration-test =4.7.0 - org.apache.bookkeeper:stream-storage-server =4.7.0 and more Source cves: CVE-2023-38647 Source...

CVE-2023-38647 vulnerabilities

Vulnerabilities for packages: trino...

CVE-2023-38647 vulnerabilities

Vulnerabilities for packages: trino...

CVE-2023-38647 Apache Helix: Deserialization vulnerability in Helix workflow and REST

An attacker can use SnakeYAML to deserialize java.net.URLClassLoader and make it load a JAR from a specified URL, and then deserialize javax.script.ScriptEngineManager to load code using that ClassLoader. This unbounded deserialization can likely lead to remote code execution. The code can be run...

CVE-2023-38647 Apache Helix: Deserialization vulnerability in Helix workflow and REST

An attacker can use SnakeYAML to deserialize java.net.URLClassLoader and make it load a JAR from a specified URL, and then deserialize javax.script.ScriptEngineManager to load code using that ClassLoader. This unbounded deserialization can likely lead to remote code execution. The code can be run...

CVE-2023-38647

CVE-2023-38647 describes a deserialization vulnerability in Apache Helix workflow and REST where SnakeYAML can deserialize java.net.URLClassLoader to load a JAR from a URL, and then javax.script.ScriptEngineManager to execute code with that ClassLoader. This unbounded deserialization can likely l...

SUSE CVE-2021-38647

unknown...

Microsoft OMI Management Interface Authentication Bypass Exploit

By removing the authentication header, an attacker can issue an HTTP request to the OMI management endpoint that will cause it to execute an operating system command as the root user. This vulnerability was patched in OMI version 1.6.8-1 released September 8th 2021. This module requires Metasploi...

Metasploit Wrap-Up

OMIGOD It's RCE We are excited to announce that we now have a module for the OMIGOD vulnerability that exploits CVE-2021-38647 courtesy of our very own Spencer McIntyre! Successful exploitation will allow an unauthenticated attacker to gain root level code execution against affected servers. Give...

Microsoft OMI Management Interface Authentication Bypass

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/SCXOperatingSystem' .freeze def initializeinfo = super updateinfo info, 'Name' = 'Microsoft OMI...

Security Bulletin: IBM QRadar Azure marketplace images include Open Management Infrastructure RPM, which is vulnerable to Remote Code Execution (CVE-2021-38647)

Summary IBM QRadar Azure marketplace images include the Open Management Infrastructure RPM which is vulnerable to CVE-2021-38647. Although we do not expose the affected port, we suggest updating out of an abundance of caution. Vulnerability Details CVEID: CVE-2021-38647 DESCRIPTION: Microsoft Azu...

Microsoft Azure Open Management Infrastructure remote command execution

Added: 09/28/2021 Background Microsoft Azure Open Management Infrastructure is an open source project to further the development of a production quality implementation of the DMTF CIM/WBEM standards. Problem A vulnerability in Open Management Infrastructure allows remote attackers to execute...

Microsoft Azure Open Management Infrastructure remote command execution

Added: 09/28/2021 Background Microsoft Azure Open Management Infrastructure is an open source project to further the development of a production quality implementation of the DMTF CIM/WBEM standards. Problem A vulnerability in Open Management Infrastructure allows remote attackers to execute...

Exploit for CVE-2021-38647

cve-2021-38647 https://github.com/corelight/CVE-2021-38647 wit...

Microsoft Open Management Infrastructure Remote Code Execution (CVE-2021-38647)

A remote code execution vulnerability exists in Microsoft Open Management Infrastructure. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...