22 matches found
EUVD-2019-0479
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-8035
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This vulnerability relates to the user's browser processing of DUCC webpage input data.The javascript comprising Apache UIMA DUCC = 2.2.2 which runs in the user...
Command Injection
Apache UIMA DUCC is vulnerable to Command Injection. The vulnerability exists when using Distributed UIMA Cluster Computing module which allows an attacker to inject and execute arbitrary commands...
Apache UIMA DUCC Command Injection Vulnerability
Apache UIMA DUCC is a cluster management system from the Apache Apache Foundation in the United States. The system provides tools, management and scheduling tools. Apache UIMA DUCC suffers from a command injection vulnerability that arises from improper neutralization of specific elements used wh...
Apache UIMA DUCC allows remote code execution
UNSUPPORTED WHEN ASSIGNED Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Apache Software Foundation Apache UIMA DUCC. When using the "Distributed UIMA Cluster Computing" DUCC module of Apache UIMA, an authenticated user that has the permissions ...
GHSA-34M5-796P-MJCP Apache UIMA DUCC allows remote code execution
UNSUPPORTED WHEN ASSIGNED Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Apache Software Foundation Apache UIMA DUCC. When using the "Distributed UIMA Cluster Computing" DUCC module of Apache UIMA, an authenticated user that has the permissions ...
Command injection
UNSUPPORTED WHEN ASSIGNED Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Apache Software Foundation Apache UIMA DUCC. When using the "Distributed UIMA Cluster Computing" DUCC module of Apache UIMA, an authenticated user that has the permissions ...
CVE-2023-28935 Apache UIMA DUCC: DUCC (EOL) allows RCE
UNSUPPORTED WHEN ASSIGNED Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Apache Software Foundation Apache UIMA DUCC. When using the "Distributed UIMA Cluster Computing" DUCC module of Apache UIMA, an authenticated user that has the permissions ...
CVE-2023-28935
CVE-2023-28935 affects Apache UIMA DUCC (Distributed UIMA Cluster Computing). The issue is an improper neutralization of special elements used in a command (command injection) that allows an authenticated user with permissions to modify core entities to cause command execution as the web process ...
CVE-2023-28935 Apache UIMA DUCC: DUCC (EOL) allows RCE
UNSUPPORTED WHEN ASSIGNED Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Apache Software Foundation Apache UIMA DUCC. When using the "Distributed UIMA Cluster Computing" DUCC module of Apache UIMA, an authenticated user that has the permissions ...
Apache UIMA DUCC 命令注入漏洞
Apache UIMA DUCC is a cluster management system from the Apache Apache Foundation in the United States. The system provides tools, management and scheduling tools. Apache UIMA DUCC suffers from a command injection vulnerability that arises from improper neutralization of specific elements used wh...
PT-2023-22046 · Apache · Apache Uima Ducc
Name of the Vulnerable Software and Affected Versions: Apache UIMA DUCC affected versions not specified Description: The issue is related to an Improper Neutralization of Special Elements used in a Command, also known as a 'Command Injection' vulnerability. When using the Distributed UIMA Cluster...
Cross-Site Scripting (XSS)
uima-ducc-web is vulnerable to cross-site scripting XSS. A remote attacker is able to inject arbitrary Javascript into a victim's browser via multiple parameters due to the lack of output encoding...
GHSA-VM59-329Q-P468 Cross-site Scripting in Apache UIMA
This vulnerability relates to the user's browser processing of DUCC webpage input data.The javascript comprising Apache UIMA DUCC = 2.2.2 which runs in the user's browser does not sufficiently filter user supplied inputs, which may result in unintended execution of user supplied javascript code...
Cross-site Scripting in Apache UIMA
This vulnerability relates to the user's browser processing of DUCC webpage input data.The javascript comprising Apache UIMA DUCC = 2.2.2 which runs in the user's browser does not sufficiently filter user supplied inputs, which may result in unintended execution of user supplied javascript code...
CVE-2018-8035
This vulnerability relates to the user's browser processing of DUCC webpage input data.The javascript comprising Apache UIMA DUCC = 2.2.2 which runs in the user's browser does not sufficiently filter user supplied inputs, which may result in unintended execution of user supplied javascript code...
Code injection
This vulnerability relates to the user's browser processing of DUCC webpage input data.The javascript comprising Apache UIMA DUCC = 2.2.2 which runs in the user's browser does not sufficiently filter user supplied inputs, which may result in unintended execution of user supplied javascript code...
CVE-2018-8035
This vulnerability relates to the user's browser processing of DUCC webpage input data.The javascript comprising Apache UIMA DUCC = 2.2.2 which runs in the user's browser does not sufficiently filter user supplied inputs, which may result in unintended execution of user supplied javascript code...
CVE-2018-8035
This vulnerability relates to the user's browser processing of DUCC webpage input data.The javascript comprising Apache UIMA DUCC = 2.2.2 which runs in the user's browser does not sufficiently filter user supplied inputs, which may result in unintended execution of user supplied javascript code...
CVE-2018-8035
This CVE concerns Apache UIMA DUCC (