Lucene search
K

15 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2022/09/26 5:45 a.m.60 views

Security Bulletin: Potential security vulnerability in WebSphere Application Server CVE-2013-1768 PM86780

Abstract Potential security vulnerability in WebSphere Application Server Content VULNERABILITY DETAILS: CVE ID:CVE-2013-1768 PM86780, PM86786, PM86788 and PM86791 DESCRIPTION: Deserialization of a maliciously crafted OpenJPA object can result in an executable file being written to the file syste...

7.5CVSS8.8AI score0.09511EPSS
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2022/05/14 3:30 a.m.7 views

br.net.woodstock.rockframework:rockframework-domain (>=1.2.4 <=2.0.8), br.net.woodstock.rockframework:rockframework-persistence (>=2.0.0 <=2.0.8) +422 more potentially affected by CVE-2013-1768 via org.apache.openjpa:openjpa (>=2.0.0 <=2.2.1)

org.apache.openjpa:openjpa MAVEN version =2.0.0, =1.2.4, =2.0.0, =1.0.0, =1.0.0, =18.0.0.3, =18.0.0.3, =18.0.0.3, =18.0.0.3, =18.0.0.3, =18.0.0.3, =18.0.0.3, =1.0.0, =0.20, =0.20, =2.1.0-rc.3 and more Source cves: CVE-2013-1768 Source advisory: OSV:GHSA-J65F-MVGW-PRP2...

7.5CVSS7.1AI score0.09511EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.25 views

Mageia: Security Advisory (MGASA-2013-0292)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.8AI score0.09511EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2019/02/06 9:55 p.m.34 views

Security Bulletin: OpenJPA as used in IBM QRadar SIEM is vulnerable to remote code execution. (CVE-2013-1768)

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. Vulnerability Details CVEID: CVE-2013-1768 DESCRIPTION: Deserialization of a maliciously crafted OpenJPA object can result in an executable file being written to...

7.5CVSS0.8AI score0.09511EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2013/10/08 12:0 a.m.41 views

Mandriva Linux Security Advisory : openjpa (MDVSA-2013:246)

Updated openjpa packages fix security vulnerability : The BrokerFactory functionality in Apache OpenJPA before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to...

7.5CVSS8.8AI score0.09511EPSS
Exploits0References2
OSV
OSV
added 2013/10/05 5:44 p.m.8 views

MGASA-2013-0292 Updated openjpa packages fix CVE-2013-1768

Updated openjpa packages fix security vulnerability: The BrokerFactory functionality in Apache OpenJPA before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to...

7.5CVSS7.4AI score0.09511EPSS
Exploits0References3
Mageia
Mageia
added 2013/10/05 5:44 p.m.43 views

Updated openjpa packages fix CVE-2013-1768

Updated openjpa packages fix security vulnerability: The BrokerFactory functionality in Apache OpenJPA before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to...

7.5CVSS3.9AI score0.09511EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2013/08/29 11:22 p.m.46 views

Important: Red Hat Security Advisory: Red Hat JBoss Fuse 6.0.0 patch 2

Red Hat JBoss Fuse 6.0.0 patch 2, which fixes several security issues and various bugs, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give...

7.5CVSS6.8AI score0.32259EPSS
Exploits6References7
OpenVAS
OpenVAS
added 2013/08/01 12:0 a.m.29 views

Fedora Update for openjpa FEDORA-2013-12967

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.8AI score0.09511EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2013/08/01 12:0 a.m.37 views

Fedora Update for openjpa FEDORA-2013-12960

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.8AI score0.09511EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/07/22 12:0 a.m.35 views

Fedora 17 : openjpa-2.2.0-3.fc17 (2013-12967)

fix for CVE-2013-1768 rhbz984034,984040. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...

7.5CVSS8AI score0.09511EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2013/07/22 12:0 a.m.41 views

Fedora 18 : openjpa-2.2.0-3.fc18 (2013-12960)

fix for CVE-2013-1768 rhbz984034,984040 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...

7.5CVSS8AI score0.09511EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2013/07/22 12:0 a.m.39 views

Fedora 19 : openjpa-2.2.1-6.fc19 (2013-12948)

fix for CVE-2013-1768 rhbz984034,984040. fix ant.d script. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

7.5CVSS8AI score0.09511EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2013/07/11 10:55 p.m.42 views

CVE-2013-1768

The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to execute arbitrary code by...

7.5CVSS7.5AI score0.09511EPSS
Exploits0References16
CVE
CVE
added 2013/07/11 10:0 p.m.109 views

CVE-2013-1768

CVE-2013-1768 involves deserialization of a malicious OpenJPA object; IBM bulletins note the embedded OpenJPA code is present in WebSphere Application Server but is not exploitable by WAS itself. Affected WAS versions ship the vulnerable OpenJPA code (not exploitable) and IBM provides fixes via A...

7.5CVSS8.8AI score0.09511EPSS
Exploits0References19Affected Software1
Rows per page
Query Builder