Lucene search
K

19 matches found

GithubExploit
GithubExploit
added 2026/04/29 12:58 p.m.121 views

h2database-rce-poc

H2 Console RCE Exploit Toolkit Vulnerability exploitation scr...

10CVSS7.2AI score0.64766EPSS
Exploits7
Tenable Nessus
Tenable Nessus
added 2024/11/27 12:0 a.m.21 views

RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.3.11 Security update (Important) (RHSA-2024:10207)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:10207 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release ...

10CVSS8.4AI score0.81147EPSS
Exploits23References35
Ubuntu
Ubuntu
added 2024/06/13 2:44 p.m.43 views

USN-6834-1: H2 vulnerabilities

It was discovered that H2 was vulnerable to deserialization of untrusted data. An attacker could possibly use this issue to execute arbitrary code. CVE-2021-42392 It was discovered that H2 incorrectly handled some specially crafted connection URLs. An attacker could possibly use this issue to...

10CVSS8.8AI score0.64766EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2024/06/13 12:0 a.m.31 views

Ubuntu 16.04 LTS / 18.04 LTS : H2 vulnerabilities (USN-6834-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6834-1 advisory. It was discovered that H2 was vulnerable to deserialization of untrusted data. An attacker could possibly use this issue to execute arbitrary...

10CVSS9.1AI score0.64766EPSS
Exploits6References3
RedHat Linux
RedHat Linux
added 2022/06/06 3:54 p.m.140 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.5 security update on RHEL 7

A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

10CVSS7.2AI score0.64766EPSS
Exploits9References36
Tenable Nessus
Tenable Nessus
added 2022/06/06 12:0 a.m.106 views

RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.4.5 security update on RHEL 8 (Moderate) (RHSA-2022:4919)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:4919 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

10CVSS7.6AI score0.64766EPSS
Exploits9References53
Tenable Nessus
Tenable Nessus
added 2022/06/06 12:0 a.m.126 views

RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.4.5 security update on RHEL 7 (Moderate) (RHSA-2022:4918)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:4918 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

10CVSS7.6AI score0.64766EPSS
Exploits9References53
Ubuntu
Ubuntu
added 2022/04/05 3:14 p.m.132 views

USN-5365-1: H2 vulnerabilities

It was discovered that H2 was vulnerable to deserialization of untrusted data. An attacker could possibly use this issue to execute arbitrary code. CVE-2021-42392 It was discovered that H2 incorrectly handled some specially crafted connection URLs. An attacker could possibly use this issue to...

10CVSS8.8AI score0.64766EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2022/04/05 12:0 a.m.66 views

Ubuntu 20.04 LTS : H2 vulnerabilities (USN-5365-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5365-1 advisory. It was discovered that H2 was vulnerable to deserialization of untrusted data. An attacker could possibly use this issue to execute arbitrary code...

10CVSS9.1AI score0.64766EPSS
Exploits6References3
Tenable Nessus
Tenable Nessus
added 2022/02/16 12:0 a.m.57 views

Debian DSA-5076-1 : h2database - security update

The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5076 advisory. Security researchers of JFrog Security and Ismail Aydemir discovered two remote code execution vulnerabilities in the H2 Java SQL database engine which can b...

10CVSS8.9AI score0.64766EPSS
Exploits6References9
Debian
Debian
added 2022/02/15 2:9 p.m.53 views

[SECURITY] [DSA 5076-1] h2database security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5076-1 [email protected] https://www.debian.org/security/ Markus Koschany February 15, 2022 https://www.debian.org/security/faq -...

10CVSS10AI score0.64766EPSS
Exploits6
Debian
Debian
added 2022/02/15 12:6 a.m.41 views

[SECURITY] [DLA 2923-1] h2database security update

Debian LTS Advisory DLA-2923-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany February 15, 2022 https://wiki.debian.org/LTS Package : h2database Version : 1.4.193-1+deb9u1 CVE ID : CVE-2021-42392 CVE-2022-23221 Debian Bug : 1003894 Security researchers of JFrog...

10CVSS7.7AI score0.64766EPSS
Exploits6
0day.today
0day.today
added 2022/01/25 12:0 a.m.364 views

H2 Database Console Remote Code Execution Exploit

The H2 Database console suffers from an unauthenticated remote code execution vulnerability. Document Title =============== Unauthenticated RCE vuln in the H2 Database console: CVE-2022-23221. Product Description =============== The H2 Console Application The Console lets you access a SQL databas...

9.8CVSS0.9AI score0.64766EPSS
Exploits4
Packet Storm
Packet Storm
added 2022/01/25 12:0 a.m.320 views

H2 Database Console Remote Code Execution

Document Title =============== Unauthenticated RCE vuln in the H2 Database console: CVE-2022-23221. Product Description =============== The H2 Console Application The Console lets you access a SQL database using a browser interface. Homepage: http://www.h2database.com/html/quickstart.html Affecte...

0.1AI score0.64766EPSS
Exploits4
vulnersOsv
vulnersOsv
added 2022/01/21 11:7 p.m.6 views

africa.absa:inception-application (>=1.0.0 <=1.2.0), africa.absa:inception-test (>=1.0.0 <=1.2.0) +5756 more potentially affected by CVE-2022-23221 via com.h2database:h2 (>=1.0.63 <=2.0.206)

com.h2database:h2 MAVEN version =1.0.63, =1.0.0, =1.0.0, =0.5.0, =0.5.0, =0.1.0, =0.2.0, =0.2.0, =1.0.0, =0.5.2, =0.9.6, =1.0, =1.0.0, =1.0.5 and more Source cves: CVE-2022-23221 Source advisory: OSV:GHSA-45HX-WFHJ-473X...

10CVSS7.1AI score0.64766EPSS
Exploits4
OSV
OSV
added 2022/01/19 5:15 p.m.13 views

UBUNTU-CVE-2022-23221

H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNOREUNKNOWNSETTINGS=TRUE;FORBIDCREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392...

9.8CVSS7.5AI score0.64766EPSS
Exploits4References7
OSV
OSV
added 2022/01/19 12:0 a.m.23 views

CVE-2022-23221

H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNOREUNKNOWNSETTINGS=TRUE;FORBIDCREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392...

9.8CVSS9.6AI score0.64766EPSS
Exploits4References12
CVE
CVE
added 2022/01/19 12:0 a.m.328 views

CVE-2022-23221

H2Database/H2 Console, affected version before 2.1.210, is vulnerable to remote code execution via a crafted JDBC URL in the H2 Console. The vulnerability is triggered by a substring in the URL jdbc:h2:mem with IGNORE_UNKNOWN_SETTINGS=TRUE;FORBID_CREATION=FALSE;INIT=RUNSCRIPT, enabling arbitrary ...

10CVSS9.5AI score0.64766EPSS
Exploits4References10Affected Software1
Debian CVE
Debian CVE
added 2022/01/19 12:0 a.m.66 views

CVE-2022-23221

H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNOREUNKNOWNSETTINGS=TRUE;FORBIDCREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392...

10CVSS9.1AI score0.64766EPSS
Exploits4
Rows per page
Query Builder