Lucene search
K

12 matches found

F5 Networks
F5 Networks
added 2023/02/21 7:57 p.m.299 views

K29042031: Multiple Spring Framework vulnerabilities

Security Advisory Description On April 5th, 2018, three new vulnerabilities were published in the popular Java web framework called Spring. Details on these vulnerabilities and exploit code are not yet available, and mitigation details may change if and when the exploit code is available. You can...

9.8CVSS8.8AI score0.95649EPSS
Exploits15
Gitee
Gitee
added 2021/09/15 11:52 p.m.6 views

Exploit for Code Injection in Pivotal_Software Spring_Data_Commons

Based on the provided code and metadata, here is a description of the repository and its contents: Repository: This repository appears to be a Maven wrapper for the Apache Maven project, specifically version 3.5.3. The repository contains metadata and configuration files for the Maven wrapper,...

9.8CVSS9.1AI score0.95649EPSS
Exploits9
VulnCheck KEV
VulnCheck KEV
added 2019/01/08 12:0 a.m.5 views

VulnCheck KEV: CVE-2018-1273

Spring Data Commons contains a property binder vulnerability which can allow an attacker to perform remote code execution...

9.8CVSS7.5AI score0.95649EPSS
Exploits9References1
vulnersOsv
vulnersOsv
added 2018/10/17 5:23 p.m.7 views

am.ik.home:uaa-client (>=1.3.0 <=1.8.1), am.ik.home:uaa-integration-test (>=1.3.0 <=1.8.1) +229 more potentially affected by CVE-2018-1273 via org.springframework.data:spring-data-commons (>=1.13.0.RELEASE <=1.13.10.RELEASE)

org.springframework.data:spring-data-commons MAVEN version =1.13.0.RELEASE, =1.3.0, =1.3.0, =1.3.0, =0.0.1, =0.2.0, =1.0.6, =6.2.0.6, =6.2.0.5, =6.2.0.4, =6.2.0.4, =6.2.0.5, =1.2.0, =1.2.0, =1.6.6 and more Source cves: CVE-2018-1273 Source advisory: OSV:GHSA-4FQ3-MR56-CG6R...

9.8CVSS7.2AI score0.95649EPSS
Exploits9
seebug.org
seebug.org
added 2018/04/19 12:0 a.m.115 views

CVE-2018-1273: RCE with Spring Data Commons

...

7.5CVSS1.3AI score0.95649EPSS
Exploits9
Check Point Advisories
Check Point Advisories
added 2018/04/17 12:0 a.m.6 views

Pivotal Spring Commons Remote Code Execution (CVE-2018-1273)

A remote code execution was discovered in Pivotal Spring Commons. An unauthenticated attacker may use this vulnerability to execute code on the vulnerable server...

7.5CVSS3.1AI score0.95649EPSS
Exploits9
Circl
Circl
added 2018/04/11 8:15 p.m.16 views

CVE-2018-1273

creationtimestamp| type| source ---|---|--- 2018-04-11 20:15:28+00:00| seen| https://t.me/canyoupwnme/3562 2018-12-11 15:50:28+00:00| seen| MISP/5c0fd6cc-f868-4dca-890c-1ea30a021402 2020-10-09 15:40:34+00:00| seen| MISP/1e58e188-7443-497f-a296-717763199581 2023-06-14 21:10:03+00:00| seen|...

9.8CVSS7.2AI score0.95649EPSS
In wildExploits9References9
NVD
NVD
added 2018/04/11 1:29 p.m.29 views

CVE-2018-1273

Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user or attacker can supply specially crafted request parameters...

9.8CVSS9.8AI score0.95649EPSS
Exploits9References4
OSV
OSV
added 2018/04/11 1:29 p.m.35 views

CVE-2018-1273

Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user or attacker can supply specially crafted request parameters...

9.8CVSS10AI score0.95649EPSS
Exploits9References4
Vulnrichment
Vulnrichment
added 2018/04/11 1:0 p.m.12 views

CVE-2018-1273

Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user or attacker can supply specially crafted request parameters...

7.7AI score0.95649EPSS
Exploits9References3
CVE
CVE
added 2018/04/11 1:0 p.m.1165 views

CVE-2018-1273

CVE-2018-1273 is a remote code execution vulnerability in Spring Data Commons (affecting versions prior to 1.13.10 and 2.0–2.0.5, plus older unsupported builds). An unauthenticated attacker could supply crafted request parameters against Spring Data REST HTTP resources or via Spring Data projecti...

9.8CVSS9.6AI score0.95649EPSS
In wildExploits9References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2018/04/11 12:0 a.m.46 views

CVE-2018-1273

Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user or attacker can supply specially crafted request parameters...

9.8CVSS9.7AI score0.95649EPSS
In wildExploits9References4
Rows per page
Query Builder