192 matches found
CVE-2016-6809
Apache Tika before 1.14 allows Java code execution for serialized objects embedded in MATLAB files. The issue exists because Tika invokes JMatIO to do native deserialization...
Deserialization of untrusted data
Apache Tika before 1.14 allows Java code execution for serialized objects embedded in MATLAB files. The issue exists because Tika invokes JMatIO to do native deserialization...
CVE-2016-6809
Apache Tika before 1.14 allows Java code execution for serialized objects embedded in MATLAB files. The issue exists because Tika invokes JMatIO to do native deserialization...
CVE-2016-6809
Apache Tika before 1.14 allows Java code execution for serialized objects embedded in MATLAB files. The issue exists because Tika invokes JMatIO to do native deserialization...
CVE-2016-6809
Apache Tika before 1.14 allows Java code execution for serialized objects embedded in MATLAB files. The issue exists because Tika invokes JMatIO to do native deserialization...
CVE-2016-6809
Apache Tika prior to 1.14 is vulnerable to remote Java code execution via serialized objects embedded in MATLAB files. The root cause is native deserialization invoked through JMatIO, enabling an attacker to inject and execute code during object deserialization. Public references in the connected...
CVE-2016-6809
Apache Tika before 1.14 allows Java code execution for serialized objects embedded in MATLAB files. The issue exists because Tika invokes JMatIO to do native deserialization...
Apache Struts 2 Remote Code Execution (CVE-2017-5638)
Description Crowd used a version of Struts 2 that was vulnerable to CVE-2017-5638|https://cwiki.apache.org/confluence/display/WW/S2-045. Attackers can use this vulnerability to execute Java code of their choice on systems that have a vulnerable version of Crowd. Affected versions: All versions of...
Microsoft Power Point 2016 - Java Code Execution
Exploit Title: Microsoft Power Point Java Payload Code Execution Exploit Author: Fady Mohamed Osman @fadyosman Exploit-db : http://www.exploit-db.com/author/?a=2986 Demo Video : https://www.youtube.com/watch?v=DOJSUJK7hRo Video Tutorial : https://www.youtube.com/watch?v=Lih-iuXgEM Youtube Channel...
Microsoft Power Point 2016 - Java Code Execution
Microsoft Power Point 2016 - Java Code Execution Exploit Title: Microsoft Power Point Java Payload Code Execution Exploit Author: Fady Mohamed Osman @fadyosman Exploit-db : http://www.exploit-db.com/author/?a=2986 Demo Video : https://www.youtube.com/watch?v=DOJSUJK7hRo Video Tutorial :...
Java (OGNL) code execution in Apache Struts 2 when devMode is enabled
Overview Apache Struts 2 provided by the Apache Software Foundation is a software framework for creating Java web applications. There is a known risk that arbitrary Java OGNL code may be executed in Apache Struts 2 when devMode is enabled in production environment. It is confirmed that...
CVE-2016-6809
Apache Tika before 1.14 allows Java code execution for serialized objects embedded in MATLAB files. The issue exists because Tika invokes JMatIO to do native deserialization...
Apache OFBiz Security Bypass Vulnerability
Apache OFBiz also known as Apache Open For Business Project is the United States Apache Apache Software Foundation of a set of enterprise resource planning ERP system. The system provides a set of Java-based Web application components and tools. A security bypass vulnerability exists in Apache...
Wieland wieplan 4.1 Document Parsing Java Code Execution Using XMLDecoder
Wieland wieplan 4.1 Document Parsing Java Code Execution Using XMLDecoder Vendor: Wieland Electric GmbH Product web page: http://www.wieland-electric.com Affected version: 4.1 Build 9 Summary: Your new software for the configuration of Wieland terminal rails. wieplan enables you to plan a...
Wieland wieplan 4.1 - Document Parsing Java Code Execution Using XMLDecoder
Exploit for multiple platform in category local exploits Wieland wieplan 4.1 Document Parsing Java Code Execution Using XMLDecoder Vendor: Wieland Electric GmbH Product web page: http://www.wieland-electric.com Affected version: 4.1 Build 9 Summary: Your new software for the configuration of...
Wieland wieplan 4.1 - Document Parsing Java Code Execution Using XMLDecoder
Wieland wieplan 4.1 Document Parsing Java Code Execution Using XMLDecoder Vendor: Wieland Electric GmbH Product web page: http://www.wieland-electric.com Affected version: 4.1 Build 9 Summary: Your new software for the configuration of Wieland terminal rails. wieplan enables you to plan a complet...
Wieland wieplan 4.1 Document Parsing Java Code Execution Using XMLDecoder
Summary Your new software for the configuration of Wieland terminal rails. wieplan enables you to plan a complete terminal rail in a very simple way and to then place an order with Wieland. The configured terminal rail can be stored in DXF format and read into a CAD tool for further processing. D...
CVE-2015-7913
agserverservice.exe in the AggreGate Server Service in Tibbo AggreGate before 5.30.06 allows local users to execute arbitrary Java code with SYSTEM privileges by using the Apache Axis AdminService deployment method to publish a class...
Symantec Endpoint Protection Manager-RU6-MP3 Arbitrary Java Code Execution Vulnerability
Symantec Endpoint Protection Manager is a centralized manager for Symantec's enterprise-class antivirus software. An arbitrary Java code execution vulnerability exists in Symantec Endpoint Protection Manager version 12.1 prior to 12.1-RU6-MP3, which allows remote attackers to execute arbitrary Ja...
Atlassian Bamboo 2.2.x < 5.8.5 / 5.9.x < 5.9.7 Unspecified Resource Deserialization RCE
According to its self-reported version number, the instance of Atlassian Bamboo running on the remote host is version 2.2.x prior to 5.8.5 or 5.9.x prior to 5.9.7. It is, therefore, affected by an unspecified resource deserialization flaw due to improper validation of user-supplied input. An...