1036 matches found

Circl
added 2019/02/06 3:4 p.m. · 4 views

CVE-2018-8787

| creationtimestamp | type | source |
|---|---|---|
| 2019-02-06 15:04:30+00:00 | seen | MISP/5c5af499-e890-49e9-b1ff-26ba0a021402... |

CVSS 9.8 · AI score 7.3 · EPSS 0.10125
Exploits: 1
Circl
added 2018/11/29 7:43 p.m. · 13 views

CVE-2018-19207

| creationtimestamp | type | source |
|---|---|---|
| 2018-11-29 19:43:11+00:00 | seen | https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/http/wpgdprcomplianceprivesc.rb |
| 2025-02-06 03:13:43+00:00 | seen | MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd |
| 2025-02-23 04:10:06+00:00 | see... | |

CVSS 9.8 · AI score 9.3 · EPSS 0.91843
Exploits: 4 · References: 4
Circl
added 2018/11/14 5:39 p.m. · 7 views

CVE-2018-8562

| creationtimestamp | type | source |
|---|---|---|
| 2018-11-14 17:39:01+00:00 | seen | MISP/5bec5b59-b2b0-4506-9c63-32a40a021402... |

CVSS 7.8 · AI score 6.8 · EPSS 0.00488
Exploits: 0
CNVD
added 2018/11/06 12:0 a.m. · 2 views

Unspecified Vulnerability in Green Electronics RainMachine Mini-8 (CNVD-2019-28250)

The Green Electronics RainMachine Mini-8 is a smart irrigation sprinkler from Green Electronics USA. A security vulnerability exists in the 'Weather Service' feature in the Green Electronics RainMachine Mini-8 2nd generation. The vulnerability can be exploited to inject arbitrary Python code via...

CVSS 9.8 · AI score 7.4 · EPSS 0.00486
Exploits: 1 · References: 1
OSV
added 2018/11/01 5:29 p.m. · 2 views

CVE-2018-6012

The 'Weather Service' feature of the Green Electronics RainMachine Mini-8 2nd generation allows an attacker to inject arbitrary Python code via the 'Add new weather data source' upload function...

CVSS 9.8 · AI score 5.9 · EPSS 0.00486
Exploits: 1 · References: 1
Circl
added 2018/11/01 8:35 a.m. · 4 views

CVE-2018-15454

| creationtimestamp | type | source |
|---|---|---|
| 2018-11-01 08:35:36+00:00 | seen | https://t.me/SecLabNews/3529 |
| 2018-11-01 09:03:35+00:00 | seen | https://t.me/securixykz/185... |

CVSS 8.6 · AI score 7.3 · EPSS 0.04266
Exploits: 0 · References: 2
OSV
added 2018/10/24 7:42 p.m. · 2 views

GHSA-XJRR-XV9M-4PW5 Improper Input Validation in alilibaba:fastjson

parseObject in Fastjson before 1.2.25, as used in FastjsonEngine in Pippo 1.11.0 and other products, allows remote attackers to execute arbitrary code via a crafted JSON request, as demonstrated by a crafted rmi:// URI in the dataSourceName field of HTTP POST data to the Pippo /json URI, which is...

CVSS 9.8 · AI score 7.6 · EPSS 0.90694
Exploits: 2 · References: 7
myhack58
added 2018/08/23 12:0 a.m. · 1940 views

Analysis of the arbitrary file upload vulnerability in two versions of the UEditor editor - vulnerability warning - the black bar safety net

0x01 Introduction: UEditor is an open-source WYSIWYG rich text editor developed by Baidu's web front-end R&D department. It is lightweight, customizable, and offers an excellent user experience, and it is widely used by web applications; the high-risk vulnerability disclosed this time...

AI score 7.5
Exploits: 0
Friends Of PHP
added 2018/07/25 9:55 a.m. · 9 views

SS-2018-016: Unsafe SQL Query Construction (Safe Data Source)

More info at https://www.silverstripe.org/download/security-releases/ss-2018-016/...

AI score 7.2
Exploits: 0 · Affected Software: 1
CNVD
added 2018/07/09 12:0 a.m. · 2 views

IBM WebSphere Application Server Information Disclosure Vulnerability (CNVD-2018-13466)

IBM WebSphere Application Server WAS is an application server product developed and distributed by IBM in the U.S. It is a platform for Java EE and Web services applications, and is the foundation of the IBM WebSphere software platform. A security vulnerability exists in IBM WAS that stems from t...

CVSS 6.7 · AI score 5.7 · EPSS 0.00022
Exploits: 0 · References: 1
NVD
added 2018/06/27 4:29 p.m. · 15 views

CVE-2018-5436

The Spotfire server component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace, and TIBCO Spotfire Server contain multiple vulnerabilities that may allow for the disclosure of information, including user and data source credentials. Affected releases are TIBCO Softwa...

CVSS 8.8 · AI score 7.3 · EPSS 0.00189
Exploits: 0 · References: 2
OSV
added 2018/06/27 4:29 p.m. · 2 views

CVE-2018-5436

The Spotfire server component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace, and TIBCO Spotfire Server contain multiple vulnerabilities that may allow for the disclosure of information, including user and data source credentials. Affected releases are TIBCO Softwa...

CVSS 8.8 · AI score 5.7 · EPSS 0.00189
Exploits: 0 · References: 2
Prion
added 2018/06/27 4:29 p.m. · 21 views

Design/Logic Flaw

The Spotfire server component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace, and TIBCO Spotfire Server contain multiple vulnerabilities that may allow for the disclosure of information, including user and data source credentials. Affected releases are TIBCO Softwa...

CVSS 4 · AI score 8.7 · EPSS 0.00189
Exploits: 0 · References: 2 · Affected Software: 2
Circl
added 2018/05/29 3:50 p.m. · 14 views

CVE-2004-1389

| creationtimestamp | type | source |
|---|---|---|
| 2018-05-29 15:50:33+00:00 | seen | https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/misc/veritasnetbackupcmdexec.rb |
| 2025-02-06 03:13:38+00:00 | seen | MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd |
| 2025-02-23 04:08:08+00:00 | seen... | |

CVSS 6 · AI score 5.6 · EPSS 0.28256
Exploits: 6 · References: 1
Circl
added 2018/05/29 3:50 p.m. · 10 views

CVE-2015-3760

| creationtimestamp | type | source |
|---|---|---|
| 2018-05-29 15:50:33+00:00 | seen | https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/osx/local/dyldprinttofileroot.rb |
| 2019-03-13 07:34:18+00:00 | exploited | https://t.me/informationsecuritychannel/25462 |
| 2025-02-06 03:13:42+00:00 | ... | |

CVSS 7.2 · AI score 7.7 · EPSS 0.03435
Exploits: 2 · References: 2
CNVD
added 2018/05/21 12:0 a.m. · 1 views

Jaspersoft JasperReports Information Disclosure Vulnerability

JasperReports is a report generation tool that displays rich page content and converts it to PDF, HTML, or XML format. An information disclosure vulnerability exists in Jaspersoft JasperReports. A remote attacker can exploit this vulnerability to retrieve stored data source passwords, leading to...

CVSS 6.5 · AI score 6.5 · EPSS 0.00179
Exploits: 2 · References: 1
OSV
added 2018/04/04 7:29 a.m. · 0 views

UBUNTU-CVE-2018-9258

In Wireshark 2.4.0 to 2.4.5, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by preserving valid data sources...

CVSS 7.5 · AI score 6.7 · EPSS 0.00811
Exploits: 1 · References: 5
RedhatCVE
added 2017/11/07 9:19 a.m. · 26 views

CVE-2017-14941

Jaspersoft JasperReports 4.7 suffers from a saved credential disclosure vulnerability, which allows a remote authenticated user to retrieve stored Data Source passwords by accessing flow.html and reading the HTML source code of the page reached in an Edit action for a Data Source connector...

CVSS 6.5 · AI score 3.9 · EPSS 0.00179
Exploits: 2 · References: 1
Positive Technologies
added 2017/11/01 12:0 a.m. · 7 views

PT-2019-3785 · Fasterxml +7 · Jackson-Databind +7

Name of the Vulnerable Software and Affected Versions: FasterXML jackson-databind versions prior to 2.9.10 FasterXML jackson-databind version 2.8.11.5 FasterXML jackson-databind version 2.6.7.3 Description: A Polymorphic Typing issue was discovered in FasterXML jackson-databind. It is related to...

CVSS 10 · AI score 7.3 · EPSS 0.62015
Exploits: 37 · References: 401
Positive Technologies
added 2017/11/01 12:0 a.m. · 7 views

PT-2019-4183 · Jackson +6 · Jackson-Databind +6

Name of the Vulnerable Software and Affected Versions: jackson-databind versions 2.0.0 through 2.9.10 jackson-databind versions prior to 2.9.10.1 jackson-databind versions prior to 2.8.11.5 jackson-databind versions prior to 2.6.7.3 Description: A Polymorphic Typing issue was discovered in the...

CVSS 10 · AI score 7.4 · EPSS 0.62015
Exploits: 37 · References: 389