8 matches found
EUVD-2025-202446
Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, does not correctly verify the name of an attacker-controlled WSDL service, leading to insecure reflection. This can result in remote code execution through either invocation of arbitrary methods or...
CVE-2025-34393 Barracuda RMM < 2025.1.1 Service Center Insecure Reflection RCE
Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, does not correctly verify the name of an attacker-controlled WSDL service, leading to insecure reflection. This can result in remote code execution through either invocation of arbitrary methods or...
CVE-2025-34393 Barracuda RMM < 2025.1.1 Service Center Insecure Reflection RCE
Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, does not correctly verify the name of an attacker-controlled WSDL service, leading to insecure reflection. This can result in remote code execution through either invocation of arbitrary methods or...
CVE-2025-34393
Barracuda Service Center (RMM solution) before 2025.1.1 is affected. The root cause is improper validation of the name of an attacker-controlled WSDL service, enabling insecure reflection that can lead to remote code execution via invocation of arbitrary methods or deserialization of untrusted ty...
Progress Telerik UI 资源管理错误漏洞
Progress Telerik UI is a suite of UI user interface controls for application development from Progress, Inc. A security vulnerability exists in Progress Telerik UI versions 2011.2.712 through 2025.1.218, which stems from insecure reflection that could lead to unhandled exceptions, which in turn...
generator-jhipster-entity-audit 安全漏洞
generator-jhipster-entity-audit is a JHipster module in the JHipster open source for enabling entity auditing and audit log pages. A security vulnerability exists in generator-jhipster-entity-audit versions prior to 5.9.1 that stems from insecure reflection that could lead to remote code executio...
Kentico Xperience 安全漏洞
Kentico Xperience is a digital experience platform from Kentico, Inc. A security vulnerability exists in Kentico Xperience version 13.0.180 and prior versions, which stems from insecure reflection and could lead to a denial of service...
JDK: getDeclaredMethods() and setAccessible() code execution
Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics...