(0Day) Hewlett Packard Enterprise Intelligent Management Center legend Expression Language Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

JVN#63860183: POWER EGG vulnerability where EL expression may be executed

POWER EGG provided by D-CIRCLE inc. is an integrated collaboration tool. POWER EGG contains a vulnerability where an arbitray EL expression may be executed CWE-20. Impact A remote attacker may execute an arbitrary EL expression from the server where the product is running. As a result, an arbitra...

(0Day) Hewlett Packard Enterprise Intelligent Management Center PrimeFaces Expression Language Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the PrimeFaces endpoint. When parsing the...

(0Day) Hewlett Packard Enterprise Intelligent Management Center faultInfo_content Expression Language Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

(0Day) Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet Expression Language Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

(0Day) Hewlett Packard Enterprise Intelligent Management Center devGroupSelect Expression Language Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

CVE-2019-6986

SPARQL Injection in VIVO Vitro v1.10.0 allows a remote attacker to execute arbitrary SPARQL via the uri parameter, leading to a regular expression denial of service ReDoS, as demonstrated by crafted use of FILTER%20regex in a /individual?uri= request...

Sql injection

SPARQL Injection in VIVO Vitro v1.10.0 allows a remote attacker to execute arbitrary SPARQL via the uri parameter, leading to a regular expression denial of service ReDoS, as demonstrated by crafted use of FILTER%20regex in a /individual?uri= request...

CVE-2019-6986

SPARQL Injection in VIVO Vitro v1.10.0 allows a remote attacker to execute arbitrary SPARQL via the uri parameter, leading to a regular expression denial of service ReDoS, as demonstrated by crafted use of FILTER%20regex in a /individual?uri= request...

PHP 7.2.x < 7.2.14 Multiple vulnerabilities.

According to its banner, the version of PHP running on the remote web server is 7.2.x prior to 7.2.14. It is, therefore, affected by multiple vulnerabilities: - An integer underflow condition exists in gdContributionsAlloc function in gdinterpolation.c. An unauthenticated, remote attacker can hav...

MGASA-2019-0047 Updated libxml2 packages fix security vulnerabilities

A flaw was found in libxml2 2.9.8. The xzdecomp function in xzlib.c, if --with-lzma is used, allows remote attackers to cause a denial of service infinite loop via a crafted XML file that triggers LZMAMEMLIMITERROR, as demonstrated by xmllint CVE-2018-9251, CVE-2018-14567. A null pointer...

Security Bulletin: IBM MessageSight is affected by an IBM WebSphere Liberty expression language vulnerability

Summary IBM MessageSight has addressed the following vulnerability. Apache Tomcat could allow a remote attacker to bypass security restrictions, caused by the use of expression language. An attacker could exploit this vulnerability to bypass the protections of a Security Manager. Vulnerability...

WebKit JSC JIT - GetIndexedPropertyStorage Use-After-Free

/ The doesGC function simply takes a node, and tells if it might cause a garbage collection. This function is used to determine whether to insert write barriers. But it's missing GetIndexedPropertyStorage that can cause a garbage collection via rope strings. As a result, it can lead to UaF. PoC: ...

Remote Code Execution (RCE)

richfaces is vulnerable to Remote code Execution RCE attacks. The vulnerability is due to improper Expression Language EL sanitization in the UserResource class. A remote, unauthenticated attacker could exploit this to execute arbitrary code using a chain of java serialized objects gadget chains...

Arbitrary Code Execution

richfaces is vulnerable to arbitrary code execution attacks. The vulnerabitiy exists as JBoss RichFaces 3.1.0 through 3.3.4 allows unauthenticated remote attackers to inject expression language EL expressions and execute arbitrary Java code via a /DATA/ substring in a path with an...

Regular Expression Denial Of Service (ReDoS) Via Parsing Cookies

tough-cookie is vulnerable to regular expression denial of service ReDoS attack. The vulnerability exists because the COOKIEPAIR regular expression used to parse the cookies causes unlimited repetitions when matching input characters. By using a large cookie string, attackers can make the process...

Regular Expression Denial Of Service (ReDoS) Via Long String Of Semicolons

tough-cookie is vulnerable to regular expression denial-of-service ReDoS attack. A malicious user can pass a long string that contains many semicolons in the Set-Cookies header, causing a regular expression to take a large amount of time, causing a denial of service condition...

Denial Of Service (DoS)

minimatch is vulnerable to a Regular Expression Denial Of Service ReDoS attack. An attacker can pass a string value to the minimatchpath,pattern function to cause a ReDoS...

Arbitrary Code Execution

rh-mariadb100-mariadb is vulnerable to arbitrary code execution attacks. The vulnerability exists as a heap-based buffer overflow in PCRE 8.34 through 8.37 and PCRE2 10.10 allows remote attackers to execute arbitrary code via a crafted regular expression, as demonstrated by...

Denial Of Service (DoS)

postgresql is vulnerable to denial of service DoS attacks. The vulnerability exists as PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 allows remote attackers to cause a denial of service infinite loop or buffer overflow and crash via...