CVE-2023-35042

GeoServer 2, in some configurations, allows remote attackers to execute arbitrary code via java.lang.Runtime.getRuntime.exec in wps:LiteralData within a wps:Execute request, as exploited in the wild in June 2023. NOTE: the vendor states that they are unable to reproduce this in any version...

CVE-2020-11581

An issue was discovered in Pulse Secure Pulse Connect Secure PCS through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, allows a man-in-the-middle attacker to perform OS command injection attacks against a client via shell...

Apache Tomcat runtime.getRuntime().exec() Privilege Escalation (win)

No description provided by source. %@ page import=java.util.,java.io.% % % %-- abysssec inc public material just upload this file with abysssec.jsp and execute your command your command will run as administrator . you can download sam file add user or do anything you want . note : please be gentl...

CVE-2013-6366

The Groovy script console in VMware Hyperic HQ 4.6.6 allows remote authenticated administrators to execute arbitrary code via a Runtime.getRuntime.exec call...