26 matches found
BELL-CVE-2023-53677
Bulletin has no description...
CVE-2023-53677
In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix memory leaks in i915 selftests This patch fixes memory leaks on error escapes in function fakegetpages cherry picked from commit 8bfbdadce85c4c51689da10f39c805a7106d4567...
DEBIAN-CVE-2023-53677
In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix memory leaks in i915 selftests This patch fixes memory leaks on error escapes in function fakegetpages cherry picked from commit 8bfbdadce85c4c51689da10f39c805a7106d4567...
UBUNTU-CVE-2023-53677
In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix memory leaks in i915 selftests This patch fixes memory leaks on error escapes in function fakegetpages cherry picked from commit 8bfbdadce85c4c51689da10f39c805a7106d4567...
CVE-2023-53677
In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix memory leaks in i915 selftests This patch fixes memory leaks on error escapes in function fakegetpages cherry picked from commit 8bfbdadce85c4c51689da10f39c805a7106d4567...
CVE-2023-53677 drm/i915: Fix memory leaks in i915 selftests
In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix memory leaks in i915 selftests This patch fixes memory leaks on error escapes in function fakegetpages cherry picked from commit 8bfbdadce85c4c51689da10f39c805a7106d4567...
CVE-2025-53677
CVE-2025-53677 affects Jenkins Xooa Plugin versions 0.0.7 and earlier. The token is not masked on the global configuration form, enabling potential observation/capture of the Xooa Deployment Token by users with access to the Jenkins controller/file system. Remediation: update to a newer plugin ve...
Security Bulletin: IBM Guardium Data Protection is affected by multiple vulnerabilities (CVE-2024-53677, CVE-2025-23184)
Summary IBM Guardium Data Protection has addressed these vulnerabilities in an update. Vulnerability Details CVEID:CVE-2024-53677 DESCRIPTION: File upload logic in Apache Struts is flawed. An attacker can manipulate file upload params to enable paths traversal and under some circumstances this ca...
Exploit for Unrestricted Upload of File with Dangerous Type in Apache Struts
CVE-2024-53677: Apache Struts path traversal to RCE vulnerabil...
SUSE CVE-2024-53677
File upload logic in Apache Struts is flawed. An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution. This issue affects Apache Struts: from 2.0.0 before...
Exploit for Unrestricted Upload of File with Dangerous Type in Apache Struts
CVE-2024-53677 - Apache Struts 2 Remote Code Execution Vulnerabi...
Upgrade Struts to avoid false-positive scanner warnings about CVE-2024-53677
h3. Issue Summary Recent CVE-2024-53677 at Struts triggers vulnerability scanners warning. panel:title=Bamboo is not affected Supported versions of Bamboo 9.2+, 9.6+, 10.2+ are not affected because FileUploadInterceptor doesn't handle uploaded files. panel h3. Steps to Reproduce See WEB-INB/lib...
Exploit for Unrestricted Upload of File with Dangerous Type in Apache Struts
Disclaimer Do not use the related technologies described in...
Patch Alert: Critical Apache Struts Flaw Found, Exploitation Attempts Detected
Threat actors are attempting to exploit a recently disclosed security flaw impacting Apache Struts that could pave the way for remote code execution. The issue, tracked as CVE-2024-53677, carries a CVSS score of 9.5 out of 10.0, indicating critical severity. The vulnerability shares similarities...
Exploit for Unrestricted Upload of File with Dangerous Type in Apache Struts
🚨🚨 CVE-2024-53677-S2-067 🚨🚨 Security Notice: CVE-2024-53677...
Exploit for Unrestricted Upload of File with Dangerous Type in Apache Struts
Source of POC https://y4tacker.github.io/2024/12/16/year/2024/...
Apache Struts 2.0.0 <=> 2.3.37(EOL) / 2.5.0 <=> 2.5.33 / 6.0.0 <=> 6.3.0.2 Remote Code Execution (S2-067)
The version of Apache Struts installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the S2-067 advisory. - File upload logic is flawed vulnerability in Apache Struts. This issue affects Apache Struts: from 2.0.0 before 6.4.0. Users...
Exploit for Unrestricted Upload of File with Dangerous Type in Apache Struts
🚨🚨 CVE-2024-53677-S2-067🚨🚨 Security Advisory: CVE-2024-53677 –...
CVE-2024-53677
A flaw was found in Apache Struts. Affected versions of this package are vulnerable to remote code execution RCE via manipulation of the file upload mechanism that enables path traversal. Under certain conditions, uploading a malicious file is possible and may then be executed on the server...
Exploit for Unrestricted Upload of File with Dangerous Type in Apache Struts
s2-067-CVE-2024-53677 s2-067CVE-2024-53677 Summary File uplo...