ai.foxpay.api:foxpay-sdk (>=1.0 <=1.1), ai.genauth:genauth-java-sdk (=3.1.11) +261 more potentially affected by CVE-2022-22885 via cn.hutool:hutool-http (>=4.0.12 <=5.7.18)

cn.hutool:hutool-http MAVEN version =4.0.12, =1.0, =2.4.3, =2.4.3, =2.4.3, =2.4.3, =2.4.3, =2.4.3, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =2.0.3, =2.0.5, =3.0.2 and more Source cves: CVE-2022-22885 Source advisory: OSV:GHSA-P7W9-8MXW-P3G7...

Keking kkFileview 路径遍历漏洞

Keking KkFileview is a Spring-Boot project from Keking Technology Keking, a Chinese company that builds online previews for documents. A security vulnerability exists in Keking KkFileview, which originates from the presence of a directory traversal vulnerability to read arbitrary files, which cou...

club.javafamily:javafamily-utils-all (>=2.3.2-beta.3 <=2.3.2-beta.4), club.javafamily:javafamily-utils-pdf-itext (>=2.3.2-beta.3 <=2.3.2-beta.4) +213 more potentially affected by CVE-2022-24196 via com.itextpdf:itext7-core (>=7.0.4 <=7.1.16)

com.itextpdf:itext7-core MAVEN version =7.0.4, =2.3.2-beta.3, =2.3.2-beta.3, =1.6.0, =0.0.30, =0.1, =1.0, =1.0, =1.0, =1.1 - com.houkunlin.easypoi:easypoi-base =5.0.2 - com.houkunlin.easypoi:easypoi-spring-boot-starter =5.0.2 - com.houkunlin.easypoi:easypoi-web =5.0.2 -...

JavaQuarkBBS Cross-Site Scripting Vulnerability

JavaQuarkBbs is a simple Java community based on Spring Boot implementation in China.JavaQuarkBBS in v2 and its previous versions suffers from a cross-site scripting vulnerability, which stems from a lack of data validation filtering of user-supplied data and output. An attacker could exploit thi...

com.hazelcast.jet.contrib:hazelcast-jet-spring-boot-starter (>=2.0.0 <=2.0.1), com.hazelcast.jet.contrib:http (=0.1) +57 more potentially affected by unknown CVE via com.hazelcast.jet:hazelcast-jet (>=4.1 <=4.5.2)

com.hazelcast.jet:hazelcast-jet MAVEN version =4.1, =2.0.0, =4.1, =4.3, =4.1, =4.1, =4.2, =4.1, =4.1, =4.1, =4.1, =4.4, =4.1, =4.5.2 and more Source cves: unknown CVE Source advisory: OSV:GHSA-V57X-GXFJ-484Q...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

log4j Spring vulnerable POC This is a POC for a simple spring...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

log4shell-rmi-poc A Proof of Concept of the Log4j vulnerabilit...

Metasploit Wrap-Up

Log4Shell - Log4j HTTP Scanner Versions of Apache Log4j impacted by CVE-2021-44228 which allow JNDI features used in configuration, log messages, and parameters, do not protect against attacker controlled LDAP and other JNDI related endpoints. This module will scan an HTTP endpoint for the...

IBM Spectrum Copy Data Management Unauthorized Access Vulnerability

IBM Spectrum Copy Data Management, an IBM company that modernizes, streamlines, and automates data center copy management processes, has a security vulnerability that could be exploited by an attacker to gain unauthorized access to the Spring Boot console...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

Simple Spring Boot application vulnerable to CVE-2021-44228 L...

CVE-2021-39052

IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to access the Spring Boot console without authorization. IBM X-Force ID: 214523...

CVE-2021-39052

IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to access the Spring Boot console without authorization. IBM X-Force ID: 214523...

Authorization

IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to access the Spring Boot console without authorization. IBM X-Force ID: 214523...

CVE-2021-39052

IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to access the Spring Boot console without authorization. IBM X-Force ID: 214523...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

log4j-CVE-2021-44228-test demo projects to highlight how to ex...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

CVE-2021-44228 Spring Boot Test Service This is a dirty hack s...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

CVE-2021-44228 Spring Boot Test Service This is a dirty hack s...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

Log4JExploitation-VulnerabiliyCVE-2021-44228. !Untitled...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

Log4JExploitation-VulnerabiliyCVE-2021-44228. !Untitled...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

CVE-2021-44228-docker-example A simple demonstration of CVE-2...