48 matches found
EUVD-2012-2946
Malware in sbrugna...
EUVD-2012-2947
Malware in sbrugna...
EUVD-2012-2945
Malware in sbrugna...
EUVD-2012-2944
Malware in sbrugna...
EUVD-2012-2943
Malware in sbrugna...
CVE-2012-2968
Directory traversal vulnerability in Caucho Quercus, as distributed in Resin before 4.0.29, allows remote attackers to create files in arbitrary directories via a .. dot dot in a pathname within an HTTP request...
CVE-2012-2966
Caucho Quercus, as distributed in Resin before 4.0.29, overwrites entries in the SERVER superglobal array on the basis of POST parameters, which has unspecified impact and remote attack vectors...
CVE-2012-2967
Caucho Quercus, as distributed in Resin before 4.0.29, does not properly implement the == equals sign equals sign operator for comparisons, which has unspecified impact and context-dependent attack vectors...
CVE-2012-2969
Caucho Quercus, as distributed in Resin before 4.0.29, allows remote attackers to bypass intended restrictions on filename extensions for created files via a %00 sequence in a pathname within an HTTP request...
CVE-2012-2965
Caucho Quercus, as distributed in Resin before 4.0.29, does not properly handle unspecified characters in the names of variables, which has unknown impact and remote attack vectors, related to an "HTTP Parameter Contamination" issue...
SUSE CVE-2020-10673
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef aka caucho-quercus...
GHSA-G5FX-CCWV-5C4F Caucho Quercus, as distributed in Resin, overwrites entries in SERVER superglobal array on basis of POST parameters
Caucho Quercus, as distributed in Resin before 4.0.29, overwrites entries in the SERVER superglobal array on the basis of POST parameters, which has unspecified impact and remote attack vectors...
Caucho Quercus, as distributed in Resin, does not properly implement the `==` operator for comparisons
Caucho Quercus, as distributed in Resin before 4.0.29, does not properly implement the == equals sign equals sign operator for comparisons, which has unspecified impact and context-dependent attack vectors...
Caucho Quercus, as distributed in Resin, does not properly handle unspecified characters in the names of variables
Caucho Quercus, as distributed in Resin before 4.0.29, does not properly handle unspecified characters in the names of variables, which has unknown impact and remote attack vectors, related to an "HTTP Parameter Contamination" issue...
Caucho Quercus, as distributed in Resin, overwrites entries in SERVER superglobal array on basis of POST parameters
Caucho Quercus, as distributed in Resin before 4.0.29, overwrites entries in the SERVER superglobal array on the basis of POST parameters, which has unspecified impact and remote attack vectors...
GHSA-P332-FW36-4HQX Caucho Quercus, as distributed in Resin, does not properly handle unspecified characters in the names of variables
Caucho Quercus, as distributed in Resin before 4.0.29, does not properly handle unspecified characters in the names of variables, which has unknown impact and remote attack vectors, related to an "HTTP Parameter Contamination" issue...
GHSA-2QR7-8FP8-4XXR Caucho Quercus, as distributed in Resin, does not properly implement the `==` operator for comparisons
Caucho Quercus, as distributed in Resin before 4.0.29, does not properly implement the == equals sign equals sign operator for comparisons, which has unspecified impact and context-dependent attack vectors...
jackson-databind mishandles the interaction between serialization gadgets and typing
FasterXML jackson-databind 2.x before 2.9.10.4 and 2.6.7.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef aka caucho-quercus...
GHSA-FQWF-PJWF-7VQV jackson-databind mishandles the interaction between serialization gadgets and typing
FasterXML jackson-databind 2.x before 2.9.10.4 and 2.6.7.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef aka caucho-quercus...
FasterXML jackson-databind deserialization vulnerability (CNVD-2020-24668)
FasterXML Jackson is a U.S. FasterXML company for Java data processing tools . jackson-databind is one of the components with data binding capabilities . A security vulnerability exists in FasterXML jackson-databind version 2.x prior to 2.9.10.4, which stems from insecure deserialization of...