1118 matches found
Android ashmem Read-Only Bypasses Exploit
Android suffers from ashmem read-only bypass vulnerabilities via remapfilepages and ASHMEMUNPIN. Android: ashmem readonly bypasses via remapfilepages and ASHMEMUNPIN This bug report describes two ways in which an attacker can modify the contents of a read-only ashmem fd. I'm not sure at this poin...
Server-Side Template Injection
pebble is vulnerable to server-side template injection. The fix for an older vulnerability that validates for getClass can be bypassed to inject arbitrary code through the template using Java classes that have TYPE static field containing values that is an instance of java.lang.Class. For example...
Arbitrary Code Execution
odata-client-proxy is vulnerable to arbitrary code execution. The vulnerability exists as the classes that were deserialized were not checked in AbstractService, allowing unsafe deserialization that can lead to arbitrary code execution...
Important: Red Hat Security Advisory: Red Hat Data Grid 7.3.2 security update
An update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
Remote Code Execution
jackson-databind is vulnerable to remote code execution. The application does not block the xalan classes during deserialization, which would allow a remote attacker to leverage the vulnerability to execute arbitrary code...
CVE-2018-2602
It was discovered that the I18n component of OpenJDK could use an untrusted search path when loading resource bundle classes. A local attacker could possibly use this flaw to execute arbitrary code as another local user by making their Java application load an attacker controlled class file...
Critical severity vulnerability that affects generator-jhipster
Account takeover and privilege escalation is possible in applications generated by generator-jhipster before 6.3.0. This is due to a vulnerability in the generated java classes: CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator PRNG Generated applications must be manually...
GHSA-MWP6-J9WF-968C Critical severity vulnerability that affects generator-jhipster
Account takeover and privilege escalation is possible in applications generated by generator-jhipster before 6.3.0. This is due to a vulnerability in the generated java classes: CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator PRNG Generated applications must be manually...
CVE-2019-15321
The option-tree plugin before 2.7.3 for WordPress has Object Injection because serialized classes are mishandled...
CVE-2019-15321
The option-tree plugin before 2.7.3 for WordPress has Object Injection because serialized classes are mishandled...
CVE-2019-15321
CVE-2019-15321 applies to the WordPress plugin “Option Tree” prior to version 2.7.3, where an Object Injection vulnerability arises from mishandled serialized classes. The entry is documented across multiple sources (NVD description: “option-tree plugin before 2.7.3 for WordPress has Object Injec...
jackson-databind: arbitrary code execution in slf4j-ext class
A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using slf4j classes. An attacker could use this flaw to execute arbitrary code...
jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes
A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using blaze classes. An attacker could use this flaw to execute arbitrary code...
AlwaysOn Availability Groups cannot be selected while restoring a SQL database to Microsoft SQL Server 2017 after installation of CU15
Challenge You try to restore a SQL database to Microsoft SQL Server 2017 with CU15 that supports AlwaysOn Availability Groups, but you are not able to select an availability group at the "Specify AlwaysON Restore Options" step. Cause ServerNetworkProtocolProperty is missing in CU15 for SQL Server...
CVE-2019-10257
Zucchetti HR Portal through 2019-03-15 allows Directory Traversal. Unauthenticated users can escape outside of the restricted location dot-dot-slash notation to access files or directories that are elsewhere on the system. Through this vulnerability it is possible to read the application's java...
SD-WAN QoS - FAQ
1. What are the different QoS components? 1. IP Rules 2. QoS classes 3. Application QoS. 2. What type of traffic is allocated by default to different Classes? In the SD-WAN environment, we think of applications as falling into one of the following three classes: Real-time –VoIP or VoIP like...
Intensio-Obfuscator - Obfuscate A Python Code 2.X And 3.X
Takes a python source code and transform it into an obfuscated python code, replace name of variables - classes - functions to random chars and defined length, removes comments, line breaks and add to each line a random script with an always differents values. Requirement Python = 3.5 Files...
Improper Access Control
Oracle Java SE is vulnerable to improper access control vulnerability. This is because the I18n component of OpenJDK could use an untrusted search path when loading resource bundle classes. A local attacker could possibly use this flaw to execute arbitrary code as another local user by making the...
CVE-2018-16626
CVE-2018-16626 affects Typesetter 5.1: index.php/Admin/Classes allows cross-site scripting via the description of a new class name. The vulnerability is an XSS in the class-creation workflow, arising from how the description field is processed in Admin/Classes. Public references in the connected ...
Fedora Update for rubygem-activejob FEDORA-2019-1cfe24db5c
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...