13 matches found
EUVD-2019-1944
Malware in sbrugna...
CVE-2019-1010202
Jeesite 1.2.7 is affected by: XML External Entity XXE. The impact is: sensitive information disclosure. The component is: convertToModel function in src/main/java/com.thinkgem.jeesite/modules/act/service/ActProcessService.java. The attack vector is: network connectivity,authenticated,must upload ...
CVE-2019-1010201
Jeesite 1.2.7 is affected by: SQL Injection. The impact is: sensitive information disclosure. The component is: updateProcInsIdByBusinessId function in src/main/java/com.thinkgem.jeesite/modules/act/ActDao.java has SQL Injection vulnerability. The attack vector is: network...
Cisco Nexus 9000 Series Fabric Switches Application-Centric Infrastructure Mode Privilege Escalation (CVE-2019-1585)
A vulnerability in the controller authorization functionality of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escalate standard users with root privilege on an affected device. The vulnerability is due to a misconfiguration of certain sudoers...
CVE-2019-1010201
Jeesite 1.2.7 is affected by: SQL Injection. The impact is: sensitive information disclosure. The component is: updateProcInsIdByBusinessId function in src/main/java/com.thinkgem.jeesite/modules/act/ActDao.java has SQL Injection vulnerability. The attack vector is: network...
CVE-2019-1010201
Jeesite 1.2.7 is affected by: SQL Injection. The impact is: sensitive information disclosure. The component is: updateProcInsIdByBusinessId function in src/main/java/com.thinkgem.jeesite/modules/act/ActDao.java has SQL Injection vulnerability. The attack vector is: network...
Sql injection
Jeesite 1.2.7 is affected by: SQL Injection. The impact is: sensitive information disclosure. The component is: updateProcInsIdByBusinessId function in src/main/java/com.thinkgem.jeesite/modules/act/ActDao.java has SQL Injection vulnerability. The attack vector is: network...
CVE-2019-1010201
Jeesite 1.2.7 is affected by: SQL Injection. The impact is: sensitive information disclosure. The component is: updateProcInsIdByBusinessId function in src/main/java/com.thinkgem.jeesite/modules/act/ActDao.java has SQL Injection vulnerability. The attack vector is: network...
CVE-2019-1010202
Jeesite 1.2.7 is affected by: XML External Entity XXE. The impact is: sensitive information disclosure. The component is: convertToModel function in src/main/java/com.thinkgem.jeesite/modules/act/service/ActProcessService.java. The attack vector is: network connectivity,authenticated,must upload ...
Xxe
Jeesite 1.2.7 is affected by: XML External Entity XXE. The impact is: sensitive information disclosure. The component is: convertToModel function in src/main/java/com.thinkgem.jeesite/modules/act/service/ActProcessService.java. The attack vector is: network connectivity,authenticated,must upload ...
CVE-2019-1010202
Jeesite 1.2.7 is affected by: XML External Entity XXE. The impact is: sensitive information disclosure. The component is: convertToModel function in src/main/java/com.thinkgem.jeesite/modules/act/service/ActProcessService.java. The attack vector is: network connectivity,authenticated,must upload ...
CVE-2019-1585
Cisco Nexus 9000 Series ACI Mode Switch Software contains a privilege-escalation vulnerability (CVE-2019-1585) due to misconfigured sudoers for the bashroot component. An authenticated, local attacker could log in with a crafted user ID and temporarily gain root privileges, escalating Standard us...
CVE-2019-1585 Cisco Nexus 9000 Series Fabric Switches Application-Centric Infrastructure Mode Privilege Escalation Vulnerability
A vulnerability in the controller authorization functionality of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escalate standard users with root privilege on an affected device. The vulnerability is due to a misconfiguration of certain sudoers...