Lucene search

14 matches found

GithubExploit
added 2024/11/07 1:6 p.m., 982 views

Exploit for Deserialization of Untrusted Data in Alibaba Fastjson

CVE-2022-25845-In-Spring Main dependencies: 1. jackson 2. commons-io 快...

CVSS: 9.8, AI score: 9.1, EPSS: 0.88936
Exploits: 5

OSV
added 2018/04/11 6:29 a.m., 0 views

CVE-2018-7660

In OpenText Documentum D2 Webtop v4.6.0030 build 059, a Reflected Cross-Site Scripting Vulnerability could potentially be exploited by malicious users to compromise the affected system via the servlet/Download docbase or username parameter...

CVSS: 5.4, AI score: 5.8
Exploits: 0, References: 1

OSV
added 2016/09/17 9:59 p.m., 0 views

CVE-2016-6644

EMC Documentum D2 4.5 before patch 15 and 4.6 before patch 03 allows remote attackers to read arbitrary Docbase documents by leveraging knowledge of an robjectid value...

CVSS: 5.3, AI score: 5.9
Exploits: 0, References: 3

Prion
added 2016/09/17 9:59 p.m., 17 views

Code injection

EMC Documentum D2 4.5 before patch 15 and 4.6 before patch 03 allows remote attackers to read arbitrary Docbase documents by leveraging knowledge of an robjectid value...

CVSS: 5, AI score: 7.2, EPSS: 0.0029
Exploits: 0, References: 3, Affected Software: 1

NVD
added 2015/01/07 2:59 a.m., 10 views

CVE-2014-4636

Cross-site request forgery (CSRF) vulnerability in EMC Documentum Web Development Kit (WDK) before 6.8 allows remote attackers to hijack the authentication of arbitrary users for requests that perform Docbase operations...

CVSS: 6.8, AI score: 7.2, EPSS: 0.00138
Exploits: 0, References: 3

Prion
added 2015/01/07 2:59 a.m., 13 views

Cross-site request forgery (CSRF)

Cross-site request forgery (CSRF) vulnerability in EMC Documentum Web Development Kit (WDK) before 6.8 allows remote attackers to hijack the authentication of arbitrary users for requests that perform Docbase operations...

CVSS: 6.8, AI score: 7.7, EPSS: 0.00138
Exploits: 0, References: 3, Affected Software: 1

CVE
added 2015/01/07 2:0 a.m., 46 views

CVE-2014-4636

EMC Documentum Web Development Kit (WDK) prior to version 6.8 is affected by a Cross-Site Request Forgery (CSRF) vulnerability (CVE-2014-4636). The issue allows an attacker to trick authenticated users into performing Docbase operations with their privileges by visiting a malicious link or page, ...

CVSS: 6.8, AI score: 7.4, EPSS: 0.00138
Exploits: 0, References: 3, Affected Software: 1

Cvelist
added 2015/01/07 2:0 a.m., 19 views

CVE-2014-4636

Cross-site request forgery (CSRF) vulnerability in EMC Documentum Web Development Kit (WDK) before 6.8 allows remote attackers to hijack the authentication of arbitrary users for requests that perform Docbase operations...

AI score: 7.2, EPSS: 0.00138
Exploits: 0, References: 3

myhack58
added 2014/05/10 12:0 a.m., 15 views

STRUTS2 S2-020 patch bypass vulnerability - vulnerability warning - the black bar safety net

0x00 Background: Security researchers noted that the fix for CVE-2014-0094 in Apache Struts2 security bulletin S2-020 is itself flawed, so the patch can be completely bypassed. 0x01 Analysis: Struts2 S2-020 added .\.|^ class\.. to filter action...

AI score: 0.3
Exploits: 0

myhack58
added 2014/04/04 12:0 a.m., 21 views

Struts2 Tomcat class.classLoader.resources.dirContext.docBase assignment leading to DoS and remote code execution exploit! - Vulnerability warning - the black bar safety net

0x00 Background: Recently everyone has been playing with the Struts2 class.classLoader issue. The official S-20 bulletin covers two vulnerabilities: one is a DoS caused by commons-fileupload, which only slows the CPU down, so leaving it unpatched doesn't matter much. The other is that class.classLoader allows object assignment. See everyone alwa...

AI score: 0.5
Exploits: 0

Check Point Advisories
added 2010/10/18 12:0 a.m., 2 views

Oracle Java IE Browser Plugin docbase Parameter Stack Buffer Overflow (CVE-2010-3552)

Java Technology is a programming platform which aims to provide a system for developing and deploying cross-platform applications. A remote attacker could exploit this issue by convincing a user to open a maliciously crafted HTML file with Internet Explorer, which will allow execution of arbitrar...

CVSS: 10, AI score: 7, EPSS: 0.82947
Exploits: 8

Saint
added 2010/10/15 12:0 a.m., 67 views

Oracle Java IE Browser Plugin docbase Parameter Stack Buffer Overflow

Added: 10/15/2010 CVE: CVE-2010-3552 BID: 44023 Background Oracle Java SE and Java for Business are development platforms for developing and deploying Java applications. They include the Java SE Development Kit JDK and the Java Runtime Environment JRE. The JRE provides the minimum requirements fo...

CVSS: 10, AI score: 9.6, EPSS: 0.82947
Exploits: 8

Exploit DB
added 2010/10/13 12:0 a.m., 39 views

Oracle Java 6 - OBJECT tag 'launchjnlp'/'docbase' Remote Buffer Overflow

Source: http://code.google.com/p/skylined/issues/detail?id=23 ...

AI score: 7.4
Exploits: 0

securityvulns
added 2008/09/10 12:0 a.m., 113 views

[SECURITY] CVE-2008-2938 - Apache Tomcat information disclosure vulnerability - Updated

CVE-2008-2938: Apache Tomcat information disclosure vulnerability - Updated Severity: Important was moderate Vendor: The Apache Software Foundation Versions Affected: Tomcat 4.1.0 to 4.1.37 Tomcat 5.5.0 to 5.5.26 Tomcat 6.0.0 to 6.0.16 The unsupported...

CVSS: 4.3, AI score: 7.3, EPSS: 0.92704
Exploits: 22