497 matches found
PT-2022-16896 · Jai-Ext +2
Name of the Vulnerable Software and Affected Versions: JAI-EXT versions prior to 1.2.22; GeoServer affected versions not specified. Description: Programs allowing Jiffle script to be provided via network request can lead to a Remote Code Execution as the Jiffle script is compiled into Java code via...
PT-2022-16921
Name of the Vulnerable Software and Affected Versions: GeoServer versions prior to 2.21.0; GeoServer versions prior to 2.20.4; GeoServer versions prior to 1.19.6. Description: The GeoServer security mechanism can perform an unchecked JNDI lookup, which can be used to perform class deserialization and...
GeoServer Input Validation Error Vulnerability
GeoServer is an open source software server written in Java. GeoServer has an input validation error vulnerability that can be exploited by an attacker to perform unchecked JNDI lookups, which in turn can be used to perform class deserialization and lead to arbitrary code execution...
VulnCheck KEV: CVE-2023-25157
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language (CQL) as part of the Web Feature Service (WFS) and Web Map Service (WMS) protocols...
Unauthorized access vulnerability in geoserver
GeoServer is a J2EE implementation of the OpenGIS Web Server specification. GeoServer makes it easy to publish map data, allows users to update, delete and insert feature data, and makes it easy to share spatial geographic information between users. There is an unauthorized access vulnerability i...
Denial Of Service (DoS)
GeoServer is vulnerable to denial of service (DoS) attacks. The vulnerability exists due to attempts to prematurely flush buffer contents when GeoServer is handling an in-memory buffer, causing DoS attacks...
Geoserver 2.5.x < 2.5.5.1, 2.6.x < 2.6.4, 2.7.x < 2.7.1.1 XXE Vulnerability - Active Check
Geoserver is prone to an XML external entity (XXE) vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Geoserver < 2.7.1.1 / < 2.6.4 / < 2.5.5.1 - XXE Exploit
Exploit for multiple platform in category web applications Exploit Title : GeoServer XXE Date : 11/08/2015 Exploit Author : David Bloom Script - Ping to Sven Claessens, Jacques Villemur and Eric Donners Vendor homepage : http://geoserver.org Software Link : http://geoserver.org/release/stable...
Geoserver 2.7.1.1 2.6.4 2.5.5.1 - XML External Entity
Geoserver 2.7.1.1 2.6.4 2.5.5.1 - XML External Entity Exploit Title : GeoServer XXE Date : 11/08/2015 Exploit Author : David Bloom Script - Ping to Sven Claessens, Jacques Villemur and Eric Donners Vendor homepage : http://geoserver.org Software Link : http://geoserver.org/release/stable Version ...
Geoserver < 2.7.1.1 / < 2.6.4 / < 2.5.5.1 - XML External Entity
Exploit Title : GeoServer XXE Date : 11/08/2015 Exploit Author : David Bloom Script - Ping to Sven Claessens, Jacques Villemur and Eric Donners Vendor homepage : http://geoserver.org Software Link : http://geoserver.org/release/stable Version : 2.7 : 2.7.1.1 / 2.6 : 2.6.4 / 2.5 : 2.5.5.1 Tested :...
GeoServer Memory Corruption Vulnerability
This host is installed with GeoServer and is prone to Memory Corruption vulnerability. OpenVAS Vulnerability Test $Id: secpodgeoservermemcorrvuln.nasl 5055 2017-01-20 14:08:39Z teissa $ GeoServer Memory Corruption Vulnerability Authors: Nikita MR Copyright: Copyright (c) 2009 SecPod,...
GeoServer Detection (HTTP)
HTTP based detection of GeoServer. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description) { script_oid("1.3.6.1.4.1.25623.1.0.900945");...
GeoServer < 1.6.1, 1.7.x < 1.7.0-beta1 DoS Vulnerability
GeoServer is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:geoserver:geoserver"...
Buffer overflow
PartialBufferOutputStream2 in GeoServer before 1.6.1 and 1.7.0-beta1 attempts to flush buffer contents even when it is handling an "in memory buffer," which prevents the reporting of a service exception, with unknown impact and attack vectors...
CVE-2008-7227
PartialBufferOutputStream2 in GeoServer before 1.6.1 and 1.7.0-beta1 attempts to flush buffer contents even when it is handling an "in memory buffer," which prevents the reporting of a service exception, with unknown impact and attack vectors...
CVE-2008-7227
Geoserver exposes a vulnerability (CVE-2008-7227) in which PartialBufferOutputStream2 may flush buffer contents while handling an in-memory buffer, preventing service exceptions from being reported. Affected products are GeoServer prior to 1.6.1 and 1.7.0-beta1. The underlying cause is in PartialBu...