27 matches found
CVE-2019-12409
The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLEREMOTEJMXOPTS configuration option in the default solr.in.sh configuration file shipping with Solr. If you use the default solr.in.sh file from the affected releases, then JMX monitoring will be enabled and...
CVE-2013-1945
ruby193 uses an insecure LDLIBRARYPATH setting...
Design/Logic Flaw
ruby193 uses an insecure LDLIBRARYPATH setting...
Apache Solr 8.11, 8.20 have unauthenticated JMX server enabled in default config
The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLEREMOTEJMXOPTS configuration option in the default solr.in.sh configuration file shipping with Solr. If you use the default solr.in.sh file from the affected releases, then JMX monitoring will be enabled and...
Design/Logic Flaw
Inappropriate setting of the SEEMASKFLAGNOUI flag in file downloads in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially bypass OS malware checks via a crafted HTML page...
Design/Logic Flaw
In app/Controller/ServersController.php in MISP 2.4.87, a server setting permitted the override of a path variable on certain Red Hed Enterprise Linux and CentOS systems where rhshellfix was enabled, and consequently allowed site admins to inject arbitrary OS commands. The impact is limited by th...
CVE-2007-6724
Vidalia bundle before 0.1.2.18, when running on Windows, installs Privoxy with a configuration file config.txt or config that contains an insecure enable-remote-http-toggle setting, which allows remote attackers to bypass intended access restrictions and modify configuration...