9288 matches found
HPE Intelligent Management Center (IMC) TopoDebugServlet Expression Language Injection Remote Code Execution Vulnerability
HPE Intelligent Management Center IMC is a comprehensive management platform built from the ground up to support the Failure, Configuration, Accounting, Performance and Security FCAPS model. A TopoDebugServlet expression language injection remote code execution vulnerability exists in HPE...
HPE Intelligent Management Center (IMC) selViewNavContent Expression Language Injection Remote Code Execution Vulnerability
HPE Intelligent Management Center IMC is a comprehensive management platform built from the ground up to support the Failure, Configuration, Accounting, Performance and Security FCAPS model. A selViewNavContent expression language injection remote code execution vulnerability exists in HPE...
HPE Intelligent Management Center (IMC) customTemplateSelect Expression Language Injection Remote Code Execution Vulnerability
HPE Intelligent Management Center IMC is a comprehensive management platform built from the ground up to support the Failure, Configuration, Accounting, Performance and Security FCAPS model. A customTemplateSelect expression language injection remote code execution vulnerability exists in HPE...
HPE Intelligent Management Center (IMC) userSelectPagingContent Expression Language Injection Remote Code Execution Vulnerability
HPE Intelligent Management Center IMC is a comprehensive management platform built from the ground up to support the Failure, Configuration, Accounting, Performance and Security FCAPS model. A userSelectPagingContent expression language injection remote code execution vulnerability exists in HPE...
HPE Intelligent Management Center (IMC) sshConfig Expression Language Injection Remote Code Execution Vulnerability
HPE Intelligent Management Center IMC is a comprehensive management platform built from the ground up to support the Failure, Configuration, Accounting, Performance and Security FCAPS model. An sshConfig expression language injection remote code execution vulnerability exists in HPE Intelligent...
HPE Intelligent Management Center (IMC) eventInfo_content Expression Language Injection Remote Code Execution Vulnerability
HPE Intelligent Management Center IMC is a comprehensive management platform built from the ground up to support the Failure, Configuration, Accounting, Performance and Security FCAPS model. An eventInfocontent expression language injection remote code execution vulnerability exists in HPE...
HPE Intelligent Management Center (IMC) operatorGroupTreeSelectContent Expression Language Injection Remote Code Execution Vulnerability
HPE Intelligent Management Center IMC is a comprehensive management platform built from the ground up to support the Failure, Configuration, Accounting, Performance and Security FCAPS model. An operatorGroupTreeSelectContent expression language injection remote code execution vulnerability exists...
HPE Intelligent Management Center (IMC) perfSelectTask Expression Language Injection Remote Code Execution Vulnerability
HPE Intelligent Management Center IMC is a comprehensive management platform built from the ground up to support the Failure, Configuration, Accounting, Performance and Security FCAPS model. A perfSelectTask expression language injection remote code execution vulnerability exists in HPE Intellige...
GHSA-WXHQ-PM8V-CW75 Regular Expression Denial of Service in clean-css
Version of clean-css prior to 4.1.11 are vulnerable to Regular Expression Denial of Service ReDoS. Untrusted input may cause catastrophic backtracking while matching regular expressions. This can cause the application to be unresponsive leading to Denial of Service. Recommendation Upgrade to...
Regular Expression Denial of Service in clean-css
Version of clean-css prior to 4.1.11 are vulnerable to Regular Expression Denial of Service ReDoS. Untrusted input may cause catastrophic backtracking while matching regular expressions. This can cause the application to be unresponsive leading to Denial of Service. Recommendation Upgrade to...
Denial of Service in foreman
All versions of foreman are vulnerable to Regular Expression Denial of Service when requests to it are made with a specially crafted path. Recommendation Upgrade to version 3.0.1...
Vulnerability of .NET Core and Microsoft .NET Framework software platforms, related to errors in regular expression processing, allowing attackers to trigger service failures.
The vulnerability of.NET Core and Microsoft.NET Framework software lies in errors that occur during the processing of regular expressions. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
Hewlett Packard Enterprise Intelligent Management Center faultTrapGroupSelect Expression Language Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...
Hewlett Packard Enterprise Intelligent Management Center choosePerfView Expression Language Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...
Hewlett Packard Enterprise Intelligent Management Center operationSelect Expression Language Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...
Hewlett Packard Enterprise Intelligent Management Center ictExpertCSVDownload Expression Language Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...
EulerOS Virtualization for ARM 64 3.0.2.0 : libxml2 (EulerOS-SA-2019-1614)
According to the versions of the libxml2 packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There ...
Hewlett Packard Enterprise Intelligent Management Center devSoftSel Expression Language Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...
RHEL 8 : dotnet (RHSA-2019:1259)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1259 advisory. .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...
python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib
A flaw was found in the way catastrophic backtracking was implemented in python's difflib.ISLINEJUNK method. An attacker could use this flaw to cause denial of service...