Lucene search
K

10 matches found

Broadcom
Broadcom
added 2022/04/05 12:0 a.m.12 views

BSA-2022-1770

Security Advisory ID : BSA-2022-1770 Component : SpringSource Spring Framework Revision : 1.0 CVE-2010-1622: SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 before 2.5.7.SR01, and 3.0.x before 3.0.3 allows remote attackers to execute arbitrary code via an HTTP request containing...

9.8CVSS8.2AI score0.99939EPSS
Exploits138
The Hacker News
The Hacker News
added 2022/03/31 5:52 a.m.320 views

Unpatched Java Spring Framework 0-Day RCE Bug Threatens Enterprise Web Apps Security

A zero-day remote code execution RCE vulnerability has come to light in the Spring framework shortly after a Chinese security researcher briefly leaked a proof-of-concept PoC exploit on GitHub before deleting their account. According to cybersecurity firm Praetorian, the unpatched flaw impacts...

9.8CVSS9.3AI score0.99939EPSS
Exploits46
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.59 views

Spring Framework arbitrary code execution

No description provided by source. CVE-2010-1622: Spring Framework execution of arbitrary code Severity: Critical Vendor: SpringSource, a division of VMware Versions Affected: 3.0.0 to 3.0.2 2.5.0 to 2.5.6.SEC01 community releases 2.5.0 to 2.5.7 subscription customers Earlier versions may also be...

6CVSS9.6AI score0.52003EPSS
Exploits11
Packet Storm
Packet Storm
added 2011/07/03 12:0 a.m.49 views

Spring Source OXM 3.0.4 Command Injection

Reference: http://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/html/oxm.htmld0e26722 Product: Spring Source OXM Object/XML Mapping Vendor: VMware Vulnerable Version: 3.0.4 only when XStream and IBM JRE are used Status: Fixed Vendor Notification: 12 October 2010 Vendor Fix:...

0.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2011/06/07 12:0 a.m.20 views

VMware SpringSource Spring Framework class.classloader Remote Code Execution (CVE-2010-1622)

The vulnerability is caused due to an error in the mechanism used to update the properties of an object with client provided data. A vulnerability has been reported in Spring Framework. A vulnerability has been reported in Spring Framework, which can allow attackers to compromise a vulnerable...

6CVSS9AI score0.52003EPSS
Exploits11
NVD
NVD
added 2010/06/21 4:30 p.m.28 views

CVE-2010-1622

SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 before 2.5.7.SR01, and 3.0.x before 3.0.3 allows remote attackers to execute arbitrary code via an HTTP request containing class.classLoader.URLs0=jar: followed by a URL of a crafted .jar file...

6CVSS9.7AI score0.52003EPSS
Exploits11References14
CVE
CVE
added 2010/06/21 4:0 p.m.257 views

CVE-2010-1622

CVE-2010-1622 affects Spring Framework 2.5.x up to 2.5.6.SEC02 and 2.5.7 up to 2.5.7.SR01, and 3.0.x up to 3.0.3. The issue arises from binding request data to Java beans, which allows an attacker to overwrite nested properties of the ClassLoader (notably via class.classLoader.URLs[0]), enabling ...

6CVSS9.5AI score0.52003EPSS
Exploits11References14Affected Software1
Exploit DB
Exploit DB
added 2010/06/18 12:0 a.m.109 views

Spring Framework - Arbitrary code Execution

CVE-2010-1622: Spring Framework execution of arbitrary code Severity: Critical Vendor: SpringSource, a division of VMware Versions Affected: 3.0.0 to 3.0.2 2.5.0 to 2.5.6.SEC01 community releases 2.5.0 to 2.5.7 subscription customers Earlier versions may also be affected Description: The Spring...

6CVSS9.6AI score0.52003EPSS
Exploits11
Circl
Circl
added 2010/06/18 12:0 a.m.2 views

CVE-2010-1622

creationtimestamp| type| source ---|---|--- 2010-06-18 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/13918 2022-03-30 05:25:16+00:00| seen| https://t.me/cKure/9213 2022-03-31 14:38:31+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/1759 2022-03-31 16:01:37+00:00|...

6CVSS8.6AI score0.52003EPSS
Exploits11References5
exploitpack
exploitpack
added 2010/06/18 12:0 a.m.73 views

Spring Framework - Arbitrary code Execution

Spring Framework - Arbitrary code Execution CVE-2010-1622: Spring Framework execution of arbitrary code Severity: Critical Vendor: SpringSource, a division of VMware Versions Affected: 3.0.0 to 3.0.2 2.5.0 to 2.5.6.SEC01 community releases 2.5.0 to 2.5.7 subscription customers Earlier versions ma...

6CVSS0.3AI score0.52003EPSS
Exploits11
Rows per page
Query Builder