Apache Solr 6.x < 6.4.1 Directory Traversal

When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. Solr versions 5.5.4 and 6.x 6.4.1 do not validate this file name allowing for a remote, unauthenticated attacker to access any files readable by...

CVE-2016-6268

Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows local webserv users to execute arbitrary code with root privileges via a Trojan horse .war file in the Solr webapps directory...