Apache Kylin 输入验证错误漏洞

Apache Kylin is an open source distributed analytic data warehouse from the Apache Foundation. The product mainly provides SQL query interface on top of Hadoop/Spark and multi-dimensional analysis OLAP and other functions. Apache kylin has an input validation error vulnerability, which stems from...

Pebble Templates Security Bypass Vulnerability

Pebble Templates is a Java template engine . A security vulnerability exists in Pebble Templates version 3.1.2. The vulnerability can be exploited to bypass the protection mechanism blocking access to java.lang.Class instances with the help of the public static java.lang.Class...

OpenJDK: beans insufficient permission checks, Java 7 0day (beans, 7162473)

Multiple vulnerabilities in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by 1 using com.sun.beans.finder.ClassFinder.findClass and leveraging an...

Immunity Canvas: JAVA_FORNAME_GETFIELD

Name| javaforNamegetField ---|--- CVE| CVE-2012-4681 Exploit Pack| CANVAS Description| Java forName/getField Method Invocation Sandbox Bypass Notes| CVE Name: CVE-2012-4681 VENDOR: Sun Notes: There is a method invocation vulnerability using sun.awt.SunToolkit.getField This vulnerability can then ...