22 matches found
EUVD-2016-3086
Malware in sbrugna...
EUVD-2017-17934
Malware in sbrugna...
HPE Operations Orchestration backwards-compatibility beanutils Insecure Deserialization (CVE-2017-8994)
An insecure deserialization vulnerability exists in HPE Operations Orchestration. The vulnerability is due to the incomplete fix for deserialization of untrusted data in backwards-compatibility servlets...
HPE Operations Orchestration RCE Vulnerability (hpesbgn03767)
HPE Operations Orchestration is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
HPE Operations Orchestration Detection (HTTP)
HTTP based detection of HPE Operations Orchestration. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Remote code execution
A remote code execution vulnerability in HPE Operations Orchestration Community edition and Enterprise edition prior to v10.70 was found...
CVE-2016-8519
A remote code execution vulnerability in HPE Operations Orchestration Community edition and Enterprise edition prior to v10.70 was found...
CVE-2016-8519
A remote code execution vulnerability in HPE Operations Orchestration Community edition and Enterprise edition prior to v10.70 was found...
CVE-2016-8519
CVE-2016-8519 describes a remote code execution vulnerability in Hewlett Packard Enterprise Operations Orchestration (HPE OOE) Community and Enterprise editions, prior to version 10.70. The flaw resides in the wsExecutionBridgeService servlet, where improper validation of user-supplied data and i...
CVE-2016-8519
A remote code execution vulnerability in HPE Operations Orchestration Community edition and Enterprise edition prior to v10.70 was found...
Input validation
A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely...
CVE-2017-8994
A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely...
CVE-2017-8994
A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely...
CVE-2017-8994
CVE-2017-8994 affects HP Operations Orchestration versions before 10.80. The vulnerability enables remote code execution via deserialization of untrusted data, supported by multiple advisories (insecure/deserialization in central-remoting and backwards-compatibility servlets; WS execution bridge ...
CVE-2017-8994
A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely...
HPE Operations Orchestration central-remoting Insecure Deserialization (CVE-2017-8994)
An insecure deserialization vulnerability in HPE Operations Orchestration. The vulnerability is due to the deserialization of untrusted data in central-remoting servlets. A remote, unauthenticated attacker can exploit this vulnerability by sending crafted serialized data to the target application...
HPE Operations Orchestration Remote Code Execution Vulnerability
HPE Operations Orchestration is a suite of IT process automation solutions from Hewlett Packard Enterprise HPE. A remote code execution vulnerability exists in HPE Operations Orchestration versions prior to 10.80. A remote attacker could exploit the vulnerability to execute code...
HPE Operations Orchestration Insecure Deserialization (CVE-2016-8519)
An insecure deserialization vulnerability has been reported in HPE Operations Orchestration. The vulnerability is due to the deserialization of untrusted data in several servlets used for backwards compatibility with older API versions. A remote, unauthenticated attacker can exploit this...
CVE-2016-1997
HPE Operations Orchestration 10.x before 10.51 and Operations Orchestration content before 1.7.0 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library...
Code injection
HPE Operations Orchestration 10.x before 10.51 and Operations Orchestration content before 1.7.0 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library...