CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

114 matches found

OpenVAS•added 2018/01/28 12:0 a.m.•26 views

Debian: Security Advisory (DLA-989-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.12492EPSS

Exploits0References3

Tenable Nessus•added 2017/10/30 12:0 a.m.•32 views

GLSA-201710-28 : Jython: Arbitrary code execution

The remote host is affected by the vulnerability described in GLSA-201710-28 Jython: Arbitrary code execution It was found that Jython is vulnerable to arbitrary code execution by sending a serialized function to the deserializer. Impact : Remote execution of arbitrary code by enticing a user to...

9.8CVSS8.9AI score0.12492EPSS

Exploits0References2

Gentoo Linux•added 2017/10/29 12:0 a.m.•35 views

Jython: Arbitrary code execution

Background An implementation of Python written in Java. Description It was found that Jython is vulnerable to arbitrary code execution by sending a serialized function to the deserializer. Impact Remote execution of arbitrary code by enticing a user to execute malicious code. Workaround There is ...

9.8CVSS9.6AI score0.12492EPSS

Exploits0

BDU FSTEC•added 2017/08/03 12:0 a.m.•5 views

The vulnerability of the Jython software platform, related to the restoration of unreliable data in memory, allowing a hacker to execute arbitrary code.

The vulnerability of the Jython software platform lies in the possibility of restoring unreliable data in memory. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary code using a specially created serialized object of type PyFunction...

7.5CVSS8.2AI score0.12492EPSS

Exploits0References9Affected Software1

Tenable Nessus•added 2017/07/24 12:0 a.m.•33 views

F5 Networks BIG-IP : Python and Jython vulnerability (K53192206)

REJECT Various versions of Python do not properly restrict readline calls, which allows remote attackers to cause a denial of service memory consumption via a long string, related to 1 httplib - fixed in 2.7.4, 2.6.9, and 3.3.3; 2 ftplib - fixed in 2.7.6, 2.6.9, 3.3.3; 3 imaplib - not yet fixed i...

7.2AI score

Exploits1References4

Tenable Nessus•added 2017/07/24 12:0 a.m.•33 views

F5 Networks BIG-IP : Python and Jython vulnerability (K78825687)

Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a 'buffer' function. CVE-2014-7185 C Tenable Network Security, Inc. The descriptive text and package checks in this plugi...

6.4CVSS7.5AI score0.01134EPSS

Exploits1References2

Tenable Nessus•added 2017/07/19 12:0 a.m.•1348 views

Oracle WebLogic Server Multiple Vulnerabilities (July 2017 CPU)

The version of Oracle WebLogic Server installed on the remote host is affected by multiple vulnerabilities : - A flaw exists in Jython due to executable classes being created with insecure permissions. A local attacker can exploit this to bypass intended access restrictions and thereby disclose...

10CVSS8.3AI score0.94267EPSS

Exploits44References9

CNVD•added 2017/07/07 12:0 a.m.•3 views

Jython Arbitrary Code Execution Vulnerability

Jython is an implementation of the Python programming language that runs on the Java platform. An arbitrary code execution vulnerability exists in Jython. Allows an attacker to execute arbitrary code via specially designed serialized PyFunction objects...

9.8CVSS9.6AI score0.12492EPSS

Exploits0References1