22 matches found

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2022-3025

Malicious code in bioql PyPI...

CVSS 8.1 | AI score 7.9 | EPSS 0.13227
Exploits: 0 | References: 25

Tenable Nessus
added 2024/05/11 12:0 a.m. | 33 views

RHEL 5 : struts (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - struts: Vulnerability in ActionForm allows unintended remote operations against components on server memo...

AI score 8.7 | EPSS 0.2593
Exploits: 0 | References: 2

F5 Networks
added 2023/02/21 6:34 p.m. | 220 views

K40444230: Apache Struts 1 vulnerability CVE-2016-1181

Security Advisory Description: ActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandles multithreaded access to an ActionForm instance, which allows remote attackers to execute arbitrary code or cause a denial of service (unexpected memory access) via a multipart request, a related issue ...

CVSS 8.1 | AI score 8.6 | EPSS 0.13227
Exploits: 0 | Affected Software: 1

SUSE CVE
added 2023/02/15 5:8 a.m. | 3 views

SUSE CVE-2016-1181

ActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandles multithreaded access to an ActionForm instance, which allows remote attackers to execute arbitrary code or cause a denial of service (unexpected memory access) via a multipart request, a related issue to CVE-2015-0899...

CVSS 8.1 | AI score 8.5 | EPSS 0.13227
Exploits: 0 | References: 6

CISA KEV Catalog
added 2022/01/21 12:0 a.m. | 30 views

Apache Struts 1 ActionForm Denial-of-Service Vulnerability

ActionForm in Apache Struts versions before 1.2.9 with BeanUtils 1.7 contains a vulnerability that allows for denial-of-service (DoS)...

CVSS 7.8 | AI score 9.2 | EPSS 0.54635
In wild | Exploits: 1

Github Security Blog
added 2020/06/10 11:38 p.m. | 481 views

Arbitrary code execution in Apache Commons BeanUtils

Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrar...

CVSS 7.5 | AI score 9.1 | EPSS 0.95821
Exploits: 4 | References: 155 | Affected Software: 1

RedHat Linux
added 2019/10/10 7:20 a.m. | 2 views

1: Class Loader manipulation via request parameters

Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrar...

CVSS 7.5 | AI score 7.7 | EPSS 0.95821
Exploits: 4 | References: 4

0day.today
added 2017/03/23 12:0 a.m. | 210 views

Apache Struts < 1.3.10 / < 2.3.16.2 - ClassLoader Manipulation Remote Code Execution Exploit

Exploit for windows platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Apache Struts ClassLoader Manipulation Remote Code Execution',...

CVSS 7.5 | EPSS 0.99614
Exploits: 8

OpenVAS
added 2016/11/18 12:0 a.m. | 27 views

Apache Struts 1.x - 1.3.10 Multiple Vulnerabilities - Windows

Apache Struts is prone to multiple vulnerabilities. Copyright (C) 2016 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...

CVSS 8.2 | AI score 8.3 | EPSS 0.2593
Exploits: 0 | References: 6

BDU FSTEC
added 2016/07/06 12:0 a.m. | 5 views

The vulnerability of WebLogic Server’s software allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability exists in Apache Commons BeanUtils, within the commons-beanutils library, due to the possibility of accessing class properties. Exploiting this vulnerability allows malicious actors to “control” the ClassLoader and execute arbitrary code using the class parameter. For example,...

CVSS 7.5 | AI score 8.2 | EPSS 0.95821
Exploits: 4 | References: 4 | Affected Software: 1

NVD
added 2016/07/04 10:59 p.m. | 21 views

CVE-2016-1181

ActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandles multithreaded access to an ActionForm instance, which allows remote attackers to execute arbitrary code or cause a denial of service (unexpected memory access) via a multipart request, a related issue to CVE-2015-0899...

CVSS 8.1 | AI score 8.3 | EPSS 0.13227
Exploits: 0 | References: 21

OSV
added 2014/09/17 12:0 a.m. | 33 views

DLA-57-1 libstruts1.2-java - security update

Bulletin has no description...

CVSS 7.5 | AI score 6.8 | EPSS 0.95821
Exploits: 4

Debian
added 2014/08/21 6:39 a.m. | 46 views

[SECURITY] [DSA 2940-1] libstruts1.2-java security update

Debian Security Advisory DSA-2940-1, http://www.debian.org/security/, Moritz Muehlenhoff, Aug 21, 2014, http://www.debian.org/security/faq ...

CVSS 7.5 | AI score 7.9 | EPSS 0.95821
Exploits: 4

securityvulns
added 2014/06/17 12:0 a.m. | 76 views

Apache commons-beanutils code execution

ActionForm class parameter unrestricted access...

CVSS 7.5 | AI score 2.7 | EPSS 0.95821
Exploits: 4 | References: 1

OSV
added 2014/06/01 12:0 a.m. | 36 views

DSA-2940-1 libstruts1.2-java - security update

Bulletin has no description...

CVSS 7.5 | AI score 6.8 | EPSS 0.95821
Exploits: 4

RedHat Linux
added 2014/05/15 5:18 p.m. | 3 views

1: Class Loader manipulation via request parameters

Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrar...

CVSS 7.5 | AI score 7.1 | EPSS 0.95821
Exploits: 4 | References: 4

RedHat Linux
added 2014/05/14 6:6 p.m. | 47 views

Important: Red Hat Security Advisory: Red Hat JBoss Fuse 6.1.0 security update

Red Hat JBoss Fuse 6.1.0 Patch 1, a security update that addresses one security issue, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which give...

CVSS 7.5 | AI score 6.7 | EPSS 0.95821
Exploits: 4 | References: 3

RedHat Linux
added 2014/05/14 6:6 p.m. | 4 views

1: Class Loader manipulation via request parameters

Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrar...

CVSS 7.5 | AI score 7.1 | EPSS 0.95821
Exploits: 4 | References: 4

RedHat Linux
added 2014/05/14 6:6 p.m. | 65 views

Important: Red Hat Security Advisory: Fuse ESB Enterprise 7.1.0 security update

Fuse ESB Enterprise 7.1.0 R1 P4 (Patch 4 on Rollup Patch 1), a security update that addresses one security issue, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System CV...

CVSS 7.5 | AI score 6.7 | EPSS 0.95821
Exploits: 4 | References: 3

Tenable Nessus
added 2014/05/08 12:0 a.m. | 217 views

Apache Struts ClassLoader Manipulation

The remote web application appears to use Struts, a web application framework. The version of Struts in use contains a flaw that allows the manipulation of the ClassLoader via the 'class' parameter of an ActionForm object that results in a denial of service. Note that this vulnerability may be...

CVSS 7.5 | AI score 6.9 | EPSS 0.95821
Exploits: 4 | References: 6