CVE-2015-3760

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/osx/local/dyldprinttofileroot.rb 2019-03-13 07:34:18+00:00| exploited| https://t.me/informationsecuritychannel/25462 2025-02-06 03:13:42+00:00|...

CVE-2004-1389

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/misc/veritasnetbackupcmdexec.rb 2025-02-06 03:13:38+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:08:08+00:00| seen...

Jaspersoft JasperReports Information Disclosure Vulnerability

JasperReports is a report generation tool that displays rich page content and converts it to PDF, HTML, or XML format. An information disclosure vulnerability exists in Jaspersoft JasperReports. A remote attacker can exploit this vulnerability to retrieve stored data source passwords, leading to...

UBUNTU-CVE-2018-9258

In Wireshark 2.4.0 to 2.4.5, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by preserving valid data sources...

CVE-2017-14941

Jaspersoft JasperReports 4.7 suffers from a saved credential disclosure vulnerability, which allows a remote authenticated user to retrieve stored Data Source passwords by accessing flow.html and reading the HTML source code of the page reached in an Edit action for a Data Source connector...

PT-2019-3785 · Fasterxml +7 · Jackson-Databind +7

Name of the Vulnerable Software and Affected Versions: FasterXML jackson-databind versions prior to 2.9.10 FasterXML jackson-databind version 2.8.11.5 FasterXML jackson-databind version 2.6.7.3 Description: A Polymorphic Typing issue was discovered in FasterXML jackson-databind. It is related to...

PT-2019-4183 · Jackson +6 · Jackson-Databind +6

Name of the Vulnerable Software and Affected Versions: jackson-databind versions 2.0.0 through 2.9.10 jackson-databind versions prior to 2.9.10.1 jackson-databind versions prior to 2.8.11.5 jackson-databind versions prior to 2.6.7.3 Description: A Polymorphic Typing issue was discovered in the...

openSUSE Security Update : cacti and cacti-spine (openSUSE-2017-1173)

This update for cacti and cacti-spine fixes the following issues : Build version 1.1.26 - issue841: --input-fields variable not working with addgraphs.php cli - issue986: Resolve minor appearance problem on Modern theme - issue989: Resolve issue with data input method commands loosing spaces on...

CVE-2017-13088

creationtimestamp| type| source ---|---|--- 2017-10-16 10:16:35+00:00| exploited| https://t.me/bykvaadm/327 2017-10-17 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=233 2017-10-27 23:29:14+00:00| exploited| https://t.me/SHATOOB/2227 2018-12-19 08:18:08+00:00| seen|...

UBUNTU-CVE-2017-14941

Jaspersoft JasperReports 4.7 suffers from a saved credential disclosure vulnerability, which allows a remote authenticated user to retrieve stored Data Source passwords by accessing flow.html and reading the HTML source code of the page reached in an Edit action for a Data Source connector...

Design/Logic Flaw

Jaspersoft JasperReports 4.7 suffers from a saved credential disclosure vulnerability, which allows a remote authenticated user to retrieve stored Data Source passwords by accessing flow.html and reading the HTML source code of the page reached in an Edit action for a Data Source connector...

CVE-2017-14941

Jaspersoft JasperReports 4.7 suffers from a saved credential disclosure vulnerability, which allows a remote authenticated user to retrieve stored Data Source passwords by accessing flow.html and reading the HTML source code of the page reached in an Edit action for a Data Source connector...

CVE-2017-14941

Jaspersoft JasperReports 4.7 suffers from a saved credential disclosure vulnerability, which allows a remote authenticated user to retrieve stored Data Source passwords by accessing flow.html and reading the HTML source code of the page reached in an Edit action for a Data Source connector...

CVE-2017-14941

Jaspersoft JasperReports 4.7 suffers from a saved credential disclosure vulnerability, which allows a remote authenticated user to retrieve stored Data Source passwords by accessing flow.html and reading the HTML source code of the page reached in an Edit action for a Data Source connector...

JasperSoft JasperReports 4.7 Password Disclosure Vulnerability

Exploit for php platform in category web applications + Credits: Joshua Platz aka Binary1985 + CVE ID: CVE-2017-14941 + Website: https://github.com/binary1985 + Source:...

CVE-2017-14941

CVE-2017-14941 affects JasperReports 4.7. The vulnerability stems from passwords stored in clear text for Data Source Connectors, enabling a remote, authenticated user to view stored Data Source passwords by accessing flow.html during an Edit operation for a Data Source. The attack relies on acce...

CVE-2017-14941

Removed by vendor...

CVE-2017-14941

Jaspersoft JasperReports 4.7 suffers from a saved credential disclosure vulnerability, which allows a remote authenticated user to retrieve stored Data Source passwords by accessing flow.html and reading the HTML source code of the page reached in an Edit action for a Data Source connector...

JasperSoft JasperReports 4.7 Password Disclosure

Credits: Joshua Platz aka Binary1985 + CVE ID: CVE-2017-14941 + Website: https://github.com/binary1985 + Source: https://raw.githubusercontent.com/binary1985/VulnerabilityDisclosure/master/JasperSoft%20JasperReports%20-%204.7%20-%20CVE-2017-14941 Vendor: ==========================...

OpenText Document Sciences xPression 4.5SP1 Patch 13 Arbitrary File Read

Title: OpenText Document Sciences xPression formerly EMC Document Sciences xPression - Arbitrary File Read Author: Marcin Woloszyn Date: 27. September 2017 CVE: CVE-2017-14754 Affected Software: ================== OpenText Document Sciences xPression formerly EMC Document Sciences xPression Explo...