Lucene search
+L

65 matches found

nvd
nvd
added 2019/12/12 7:15 p.m.30 views

CVE-2019-18288

A vulnerability has been identified in SPPA-T3000 Application Server All versions Service Pack R8.2 SP2. An attacker with valid authentication at the RMI interface could be able to gain remote code execution through an unsecured file upload. Please note that an attacker needs to have access to th...

8.8CVSS9.2AI score0.04007EPSS
Exploits0References2
cvelist
cvelist
added 2019/12/12 7:8 p.m.30 views

CVE-2019-18288

A vulnerability has been identified in SPPA-T3000 Application Server All versions Service Pack R8.2 SP2. An attacker with valid authentication at the RMI interface could be able to gain remote code execution through an unsecured file upload. Please note that an attacker needs to have access to th...

8.8AI score0.04007EPSS
Exploits0References2
nvd
nvd
added 2018/08/15 6:29 p.m.29 views

CVE-2018-11247

The JMX/RMI interface in Nasdaq BWise 5.0 does not require authentication for an SAP BO Component, which allows remote attackers to execute arbitrary code via a session on port 81...

9.8CVSS9.8AI score0.02594EPSS
Exploits1References1
prion
prion
added 2018/06/28 4:29 p.m.25 views

Default configuration

The default configuration in Apache Cassandra 3.8 through 3.11.1 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request. This issue is a regression of CVE-2015-0225. The regression was introduced in...

7.5CVSS9.6AI score0.06645EPSS
Exploits0References1Affected Software1
osv
osv
added 2018/06/28 4:29 p.m.6 views

CVE-2018-8016

The default configuration in Apache Cassandra 3.8 through 3.11.1 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request. This issue is a regression of CVE-2015-0225. The regression was introduced in...

9.8CVSS8.2AI score
Exploits0References1
cvelist
cvelist
added 2018/06/28 4:0 p.m.29 views

CVE-2018-8016

The default configuration in Apache Cassandra 3.8 through 3.11.1 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request. This issue is a regression of CVE-2015-0225. The regression was introduced in...

9.7AI score0.02289EPSS
Exploits0References1
cve
cve
added 2018/06/28 4:0 p.m.109 views

CVE-2018-8016

CVE-2018-8016 affects Apache Cassandra 3.8–3.11.1, where the default configuration binds an unauthenticated JMX/RMI interface to all network interfaces, allowing a remote attacker to execute arbitrary Java code via an RMI request. This is a regression of CVE-2015-0225, introduced in CASSANDRA-121...

9.8CVSS9.5AI score0.02289EPSS
Exploits0References1Affected Software1
bdu_fstec
bdu_fstec
added 2017/12/07 12:0 a.m.6 views

The vulnerability of the Java RMI interface of the Smart Network Configuration Manager system allows a perpetrator to execute arbitrary code or cause service failures.

The vulnerability of the Java RMI interface of the Smart Network Configuration Manager, a system for automatic management of network configurations, is related to deficiencies in the authentication process. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary...

10CVSS8.2AI score0.05759EPSS
Exploits0References3Affected Software1
nessus
nessus
added 2017/01/13 12:0 a.m.226 views

NetIQ Sentinel Java Object Deserialization RCE

The remote Novell NetIQ Sentinel server is affected by a remote code execution vulnerability due to unsafe deserialize calls of unauthenticated Java objects to the BeanShell library. An unauthenticated, remote attacker can exploit this, by sending a specially crafted serialized Java object via th...

6AI score
Exploits0References2
exploitpack
exploitpack
added 2016/11/29 12:0 a.m.13 views

WinPower 4.9.0.4 - Local Privilege Escalation

WinPower 4.9.0.4 - Local Privilege Escalation // Exploit Title: WinPower V4.9.0.4 Privilege Escalation // Date: 29-11-2016 // Software Link: http://www.ups-software-download.com/ // Exploit Author: Kacper Szurek // Contact: http://twitter.com/KacperSzurek // Website: http://security.szurek.pl/ //...

0.2AI score
Exploits0
zdt
zdt
added 2016/11/29 12:0 a.m.468 views

WinPower 4.9.0.4 - Privilege Escalation Exploit

Exploit for windows platform in category local exploits Exploit Title: WinPower V4.9.0.4 Privilege Escalation Date: 29-11-2016 Software Link: http://www.ups-software-download.com/ Exploit Author: Kacper Szurek Contact: http://twitter.com/KacperSzurek Website: http://security.szurek.pl/ Category:...

6.8AI score
Exploits0
nessus
nessus
added 2016/02/17 12:0 a.m.243 views

Lexmark Markvision Enterprise Java Object Deserialization RCE

The remote Lexmark Markvision Enterprise server is affected by a remote code execution vulnerability due to unsafe deserialize calls of unauthenticated Java objects to the Apache Commons Collections ACC library. An unauthenticated, remote attacker can exploit this, by sending a specially crafted...

8.8CVSS9.3AI score0.0288EPSS
Exploits0References3
nvd
nvd
added 2014/01/16 7:55 p.m.23 views

CVE-2014-0648

The RMI interface in Cisco Secure Access Control System ACS 5.x before 5.5 does not properly enforce authentication and authorization requirements, which allows remote attackers to obtain administrative access via a request to this interface, aka Bug ID CSCud75187...

10CVSS6.7AI score0.05929EPSS
Exploits0References7
nvd
nvd
added 2014/01/16 7:55 p.m.21 views

CVE-2014-0649

The RMI interface in Cisco Secure Access Control System ACS 5.x before 5.5 does not properly enforce authorization requirements, which allows remote authenticated users to obtain superadmin access via a request to this interface, aka Bug ID CSCud75180...

9CVSS6AI score0.02645EPSS
Exploits0References7
prion
prion
added 2014/01/16 7:55 p.m.24 views

Authorization

The RMI interface in Cisco Secure Access Control System ACS 5.x before 5.5 does not properly enforce authentication and authorization requirements, which allows remote attackers to obtain administrative access via a request to this interface, aka Bug ID CSCud75187...

10CVSS7.2AI score0.05929EPSS
Exploits0References7Affected Software1
prion
prion
added 2014/01/16 7:55 p.m.18 views

Design/Logic Flaw

The RMI interface in Cisco Secure Access Control System ACS 5.x before 5.5 does not properly enforce authorization requirements, which allows remote authenticated users to obtain superadmin access via a request to this interface, aka Bug ID CSCud75180...

9CVSS6.5AI score0.02645EPSS
Exploits0References7Affected Software1
cvelist
cvelist
added 2014/01/16 7:0 p.m.25 views

CVE-2014-0648

The RMI interface in Cisco Secure Access Control System ACS 5.x before 5.5 does not properly enforce authentication and authorization requirements, which allows remote attackers to obtain administrative access via a request to this interface, aka Bug ID CSCud75187...

6.7AI score0.05929EPSS
Exploits0References7
cvelist
cvelist
added 2014/01/16 7:0 p.m.24 views

CVE-2014-0649

The RMI interface in Cisco Secure Access Control System ACS 5.x before 5.5 does not properly enforce authorization requirements, which allows remote authenticated users to obtain superadmin access via a request to this interface, aka Bug ID CSCud75180...

6AI score0.02645EPSS
Exploits0References7
cvelist
cvelist
added 2014/01/16 7:0 p.m.22 views

CVE-2014-0667

The RMI interface in Cisco Secure Access Control System ACS does not properly enforce authorization requirements, which allows remote authenticated users to read arbitrary files via a request to this interface, aka Bug ID CSCud75169...

6.2AI score0.01405EPSS
Exploits0References6
cve
cve
added 2014/01/16 7:0 p.m.54 views

CVE-2014-0667

Cisco Secure Access Control System (ACS) is affected by CVE-2014-0667 due to insufficient authorization enforcement in the Remote Method Invocation (RMI) interface. A remote, authenticated attacker can read arbitrary files on the ACS server by issuing a crafted request to the RMI interface. The i...

6.3CVSS6.3AI score0.01405EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder