Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/06/15 2:36 p.m.7 views

CVE-2026-50633

A flaw was found in Apache CXF's JCA integration module. This Java Naming and Directory Interface JNDI Injection vulnerability allows for arbitrary code execution. A remote attacker could exploit this by manipulating the Java EE Connector Architecture JCA deployment descriptor ra.xml or runtime...

8.1CVSS5.7AI score0.00782EPSS
Exploits0References5
Snyk
Snyk
added 2026/06/12 11:10 a.m.7 views

Improper Validation of Specified Type of Input

Overview Affected versions of this package are vulnerable to Improper Validation of Specified Type of Input in the DispatchMDBMessageListenerImpl method. An attacker can achieve arbitrary code execution by providing crafted values in the JCA deployment descriptor ra.xml or runtime activation...

9.2CVSS6.1AI score0.00782EPSS
Exploits0References2
NVD
NVD
added 2026/06/12 10:16 a.m.11 views

CVE-2026-50633

A JNDI Injection vulnerability has been discovered in Apache CXF's JCA integration module, which can allow for code execution, if an attacker is able to manipulate the JCA deployment descriptor ra.xml or runtime activation parameters. Users are recommended to upgrade to versions 4.2.2 or 4.1.7,...

8.1CVSS0.00782EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/12 9:2 a.m.7 views

CVE-2026-50633 Apache CXF: JNDI Injection vulnerability in DispatchMDBMessageListenerImpl

A JNDI Injection vulnerability has been discovered in Apache CXF's JCA integration module, which can allow for code execution, if an attacker is able to manipulate the JCA deployment descriptor ra.xml or runtime activation parameters. Users are recommended to upgrade to versions 4.2.2 or 4.1.7,...

5.3AI score0.00782EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 9:2 a.m.7 views

EUVD-2026-36401

A JNDI Injection vulnerability has been discovered in Apache CXF's JCA integration module, which can allow for code execution, if an attacker is able to manipulate the JCA deployment descriptor ra.xml or runtime activation parameters. Users are recommended to upgrade to versions 4.2.2 or 4.1.7,...

8.1CVSS5.3AI score0.00782EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/02/02 12:0 a.m.11 views

Cisco Iox 操作系统命令注入漏洞

Cisco Iox is a secure development environment from Cisco that combines Cisco IOS and Linux OS for secure network connectivity and development of IOT applications. A security vulnerability exists in Cisco Iox that stems from incomplete cleaning of parameters passed in to activate an application,...

8.8CVSS8.6AI score0.01506EPSS
Exploits0References3
Rows per page
Query Builder