Lucene search
K

61 matches found

Patchstack
Patchstack
added 2019/08/09 12:0 a.m.16 views

WordPress Formidable Form Builder plugin <= 4.02 - Unsafe Deserialisation vulnerability

Unsafe Deserialisation vulnerability discovered in WordPress Formidable Form Builder plugin versions = 4.02. Solution Update the WordPress Formidable Form Builder plugin to the latest available version at least 4.02.01...

9.8CVSS3.8AI score0.02389EPSS
Exploits0References3Affected Software1
RedHat Linux
RedHat Linux
added 2018/08/15 7:41 a.m.41 views

Important: Red Hat Security Advisory: Red Hat JBoss BPM Suite 6.4.11 security update

An update is now available for Red Hat JBoss BPM Suite. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...

9.8CVSS7.3AI score0.15087EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/04/27 12:0 a.m.44 views

RHEL 6 / 7 : jboss-ec2-eap package for EAP 7.1.2 (Important) (RHSA-2018:1249)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:1249 advisory. The eap7-jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services AWS...

9.8CVSS7.2AI score0.15087EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2018/04/25 6:21 p.m.108 views

Important: Red Hat Security Advisory: JBoss Enterprise Application Platform 7.1.2 on RHEL 6

Updated packages that provide Red Hat JBoss Enterprise Application Platform 7.1.2 and fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability...

9.8CVSS7.2AI score0.15087EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2018/04/06 12:0 a.m.29 views

RHEL 5 / 6 / 7 : Red Hat JBoss Enterprise Application Platform 6.4 (RHSA-2018:0627)

The remote Redhat Enterprise Linux 5 / 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:0627 advisory. - slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution CVE-2018-8088 Note that Nessus has not...

9.8CVSS7.5AI score0.15087EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2018/04/06 12:0 a.m.37 views

Debian DSA-4166-1 : openjdk-7 - security update

Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in denial of service, sandbox bypass, execution of arbitrary code, incorrect LDAP/GSS authentication, insecure use of cryptography or bypass of deserialisation restrictions. C Tenable...

8.3CVSS6.7AI score0.06905EPSS
Exploits0References17
OpenVAS
OpenVAS
added 2018/03/28 12:0 a.m.32 views

CentOS Update for slf4j CESA-2018:0592 centos7

Check the version of slf4j SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882865";...

9.8CVSS9.7AI score0.15087EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2018/03/26 9:29 a.m.36 views

Important: Red Hat Security Advisory: rh-maven35-slf4j security update

An update for rh-maven35-slf4j is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS7.3AI score0.15087EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/03/19 12:0 a.m.37 views

Debian DSA-4144-1 : openjdk-8 - security update

Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in denial of service, sandbox bypass, execution of arbitrary code, incorrect LDAP/GSS authentication, insecure use of cryptography or bypass of deserialisation restrictions. C Tenable...

8.3CVSS6.7AI score0.06905EPSS
Exploits0References18
Debian
Debian
added 2018/03/17 6:44 p.m.51 views

[SECURITY] [DSA 4144-1] openjdk-8 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4144-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 17, 2018 https://www.debian.org/security/faq -...

8.3CVSS8.7AI score0.06905EPSS
Exploits0
OpenVAS
OpenVAS
added 2018/03/16 12:0 a.m.55 views

Debian: Security Advisory (DSA-4144-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.3CVSS7.2AI score0.06905EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2018/01/09 1:53 p.m.302 views

Exploit for Inadequate Encryption Strength in Telerik Ui_For_Asp.Net_Ajax

RAUcrypto !Languagehttps://img.shields.io/badge/Lang-Pyth...

9.8CVSS8.8AI score0.99737EPSS
Exploits23
OpenVAS
OpenVAS
added 2017/05/24 12:0 a.m.22 views

Debian: Security Advisory (DSA-3862-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS8.3AI score0.02375EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2016/03/20 12:0 a.m.53 views

Debian Security Advisory DSA 3524-1 (activemq - security update)

It was discovered that the ActiveMQ Java message broker performs unsafe deserialisation. For additional information, please refer to the upstream advisory at http://activemq.apache.org/security-advisories.data/CVE-2015-5254-announcement.txt . OpenVAS Vulnerability Test $Id: deb3524.nasl 6608...

7.5CVSS0.38191EPSS
Exploits4References1
Atlassian
Atlassian
added 2016/01/12 3:59 a.m.111 views

CVE-2015-8360: Deserialisation Resulting in Remote Code Execution Vulnerability

Bamboo had a resource that deserialised arbitrary user input without restriction. Attackers can use this vulnerability to execute Java code of their choice on systems that have a vulnerable version of Bamboo. To exploit this issue, attackers need to be able to access the Bamboo JMS port port 5466...

9.8CVSS4.6AI score0.02976EPSS
Exploits0Affected Software1
Atlassian
Atlassian
added 2016/01/12 3:59 a.m.34 views

CVE-2015-8360: Deserialisation Resulting in Remote Code Execution Vulnerability

Bamboo had a resource that deserialised arbitrary user input without restriction. Attackers can use this vulnerability to execute Java code of their choice on systems that have a vulnerable version of Bamboo. To exploit this issue, attackers need to be able to access the Bamboo JMS port port 5466...

9.8CVSS9.2AI score0.02976EPSS
Exploits0
Atlassian
Atlassian
added 2016/01/12 3:54 a.m.93 views

CVE-2014-9757: Deserialisation Through Smack Resulting in Remote Code Execution Vulnerability

Bamboo used an old version of the Smack XMPP library that deserialises messages received from XMPP. Attackers can use this vulnerability to execute Java code of their choice on systems that have a vulnerable version of Bamboo if a XMPP connection has been configured. To exploit this issue, Bamboo...

9.8CVSS4.4AI score0.02976EPSS
Exploits0Affected Software1
Packet Storm
Packet Storm
added 2015/12/17 12:0 a.m.574 views

Joomla HTTP Header Unauthenticated Remote Code Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Joomla HTTP Header Unauthenticated Remote Code Execution', 'Description' = %q Joomla suffers from an unauthenticated remote code...

7.5CVSS0.3AI score0.98283EPSS
Exploits16
OpenVAS
OpenVAS
added 2015/11/24 12:0 a.m.17 views

Debian Security Advisory DSA 3403-1 (libcommons-collections3-java - security update)

This update backports changes from the commons-collections 3.2.2 release which disable the deserialisation of the functors classes unless the system property org.apache.commons.collections.enableUnsafeSerialization is set to true . This fixes a vulnerability in unsafe applications deserialising...

0.1AI score
Exploits0References1
OpenVAS
OpenVAS
added 2015/11/23 12:0 a.m.14 views

Debian: Security Advisory (DSA-3403-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References3
Rows per page
Query Builder