1986 matches found
CVE-2018-1327
The Apache Struts REST Plugin is using XStream library which is vulnerable and allow perform a DoS attack when using a malicious request with specially crafted XML payload. Upgrade to the Apache Struts version 2.5.16 and switch to an optional Jackson XML handler as described here...
Equifax Says 2.4 Million More People Impacted By Massive 2017 Breach
Equifax said that an additional 2.4 million Americans have had their personal data stolen as part of the company’s massive 2017 data breach, including their names and some of their driver’s license information. The additional identified victims bring the total of those implicated in what has beco...
CVE-2018-6488 MFSBGN03798 rev.1 - Micro Focus Universal CMDB, Apache Struts Instance
Arbitrary Code Execution vulnerability in Micro Focus Universal CMDB, version 4.10, 4.11, 4.12. This vulnerability could be remotely exploited to allow Arbitrary Code Execution...
Exploit for Improper Handling of Exceptional Conditions in Apache Struts
CVE-2017-5638 | Struts s2-045 Description It is possible t...
Oracle WebCenter Portal Multiple Vulnerabilities (January 2018 CPU)
Binary data oraclewebcenterportalcpujan2018.nbin...
The State of Web Application Vulnerabilities in 2017
As a web application firewall provider, part of our job at Imperva is constantly monitoring new security vulnerabilities. To do this, we use internal software that collects information from various data sources such as vulnerability databases, newsletters, forums, social media and more, integrate...
Imperva’s Top 10 Blogs of 2017
I recently took a step back to review all the content we shared in 2017 on the Imperva blog. We covered a broad range of topics including data security, cloud migration, application and API security, AI and machine learning, cybersecurity research, GDPR, insider threats and more. We were busy!...
CVE-2017-15707
In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload...
Apache Struts 'REST' Plugin Multiple Vulnerabilities (S2-054, S2-055) - Linux
Apache Struts is prone multiple vulnerabilities. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Apache Struts Security Update (S2-054, S2-055)
Apache Struts is prone multiple vulnerabilities. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Exploit for Deserialization of Untrusted Data in Apache Struts
CVE-2017-9805.py 1. Better Exploit Code For CVE 2017 9805 apac...
Apache Software Foundation Releases Security Updates
The Apache Software Foundation has released security updates to address vulnerabilities in Apache Struts versions 2.5 to 2.5.14. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review Apache Securit...
Apache Struts 2.5.x < 2.5.14.1 Json-lib JSON Parsing Unspecified DoS (S2-054) (S2-055)
The version of Apache Struts running on the remote host is 2.5.x prior to 2.5.14.1. It is, therefore, affected by an unspecified flaw that is triggered when parsing JSON. This allows a remote attacker to cause a denial of service. Note that Nessus has not tested for these issues but has instead...
CVE-2017-15707
In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload...
CVE-2017-15707
In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload...
Design/Logic Flaw
In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload...
CVE-2017-15707
In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload...
CVE-2017-15707
In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload...
CVE-2017-15707
Apache Struts REST plugin (versions 2.5–2.5.14) is vulnerable due to the REST plugin using an outdated JSON-lib library, enabling a remote attacker to cause a denial of service by sending a specially crafted JSON payload. Vulnerable component: Struts 2.x with REST plugin; root cause: insecure JSO...
Apache Struts2 S2-054(CVE-2017-15707)
Summary A crafted JSON request can be used to perform a DoS attack when using the Struts REST plugin | | | | :------------ | :------------ | | Who should read this | All Struts 2 developers and users which are using the REST plugin | | Impact of vulnerability | A DoS attack is possible when using...