123 matches found
CVE-2025-53192
An expression injection flaw has been discovered in the Apache Commons OGNL library. When using the API Ognl.getValue, the OGNL engine parses and evaluates the provided expression with powerful capabilities, including accessing and invoking related methods. Although OgnlRuntime attempts to...
CVE-2025-53192 Apache Commons OGNL: Expression Injection leading to RCE
UNSUPPORTED WHEN ASSIGNED Improper Neutralization of Expression/Command Delimiters vulnerability in Apache Commons OGNL. This issue affects Apache Commons OGNL: all versions. When using the API Ognl.getValue, the OGNL engine parses and evaluates the provided expression with powerful capabilities...
CVE-2025-53192
Apache Commons OGNL (OGNL library) contains an improper neutralization of expression/command delimiters when using Ognl.getValue, allowing bypass of blocklisted dangerous classes and potentially enabling arbitrary code execution. Affected: OGNL engine across versions; impact noted as high (CVE-20...
Apache Commons OGNL 安全漏洞
Apache Commons OGNL is a Java library from the American Apache Apache Foundation. A security vulnerability exists in Apache Commons OGNL Ognl.getValue, which originates from incorrectly filtering input parameters, and can be exploited by a remote attacker to submit a special request, which can be...
PT-2025-33693 · Apache +1 · Apache Commons Ognl +1
Name of the Vulnerable Software and Affected Versions: Apache Commons OGNL affected versions not specified Description: An improper neutralization of expression/command delimiters issue exists in Apache Commons OGNL. The OGNL engine, when used with the Ognl.getValue API, parses and evaluates...
CVE-2023-30370
In Tenda AC15 V15.03.05.19, the function GetValue contains a stack-based buffer overflow vulnerability...
PT-2024-6560 · Supermicro · Supermicro Bmc Firmware
Name of the Vulnerable Software and Affected Versions: Supermicro BMC firmware in select X11, X12, H12, B12, X13, H13, and B13 motherboards and CMM6 modules affected versions not specified Description: An issue was discovered in the Supermicro BMC firmware that allows an unauthenticated user to...
CVE-2023-30370
In Tenda AC15 V15.03.05.19, the function GetValue contains a stack-based buffer overflow vulnerability...
Stack overflow
In Tenda AC15 V15.03.05.19, the function GetValue contains a stack-based buffer overflow vulnerability...
Tenda AC15 缓冲区错误漏洞
Tenda AC15 is a wireless router from Tenda China. A security vulnerability exists in Tenda AC15 version V15.03.05.19, which originates from a discovery via the GetValue function that contains a stack-based buffer overflow vulnerability...
SUSE CVE-2017-9954
The getvalue function in tekhex.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service stack-based buffer over-read and application crash via a crafted tekhex file, as demonstrated by mishandling within the...
The vulnerability of the GetValue function in the microprogramming software for LinkHub Mesh Wi-Fi AC1200 allows a hacker to execute arbitrary code.
The vulnerability of the GetValue function in the microprogramming software for LinkHub Mesh Wi-Fi AC1200 relates to the copying of buffers without checking the size of the input data during the processing of the libcommonprod.so file. Exploiting this vulnerability allows a remote attacker to...
The vulnerability in the implementation of the GetValue function in the microprogramming software for LinkHub Mesh Wi-Fi AC1200 allows a hacker to execute arbitrary code.
The vulnerability in the implementation of the GetValue function in the microprogramming software for LinkHub Mesh Wi-Fi AC1200 lies in the copying of buffers without checking the size of the input data during the processing of the netctrl file. Exploiting this vulnerability allows a remote...
The vulnerability in the implementation of the GetValue function in the microprogramming software for LinkHub Mesh Wi-Fi AC1200 allows a hacker to induce a service failure.
The vulnerability of the GetValue function in the microprogramming software for LinkHub Mesh Wi-Fi AC1200 lies in the copying of buffers without checking the size of the input data during the processing of the apsteer file. Exploiting this vulnerability could allow a remote attacker to cause...
The vulnerability of the GetValue function in the microprogramming software for LinkHub Mesh Wi-Fi AC1200 allows a hacker to execute arbitrary code.
The vulnerability of the GetValue function in the microprogramming software for LinkHub Mesh Wi-Fi AC1200 lies in the copying of buffers without checking the size of the input data during the processing of the confcli file. Exploiting this vulnerability allows a remote attacker to execute arbitra...
The vulnerability of the GetValue function in the microprogramming software for LinkHub Mesh Wi-Fi AC1200 allows a hacker to induce a service failure.
The vulnerability of the GetValue function in the microprogramming software for LinkHub Mesh Wi-Fi AC1200 routers lies in the copying of buffers without checking the size of the input data during the processing of the telnetatemonitor file. Exploiting this vulnerability could allow an attacker to...
The vulnerability of the GetValue function in the microprogramming software for LinkHub Mesh Wi-Fi AC1200 allows a hacker to execute arbitrary code.
The vulnerability of the GetValue function in the microprogramming software for LinkHub Mesh Wi-Fi AC1200 lies in the copying of buffers without checking the size of the input data during the processing of the logUpload file. Exploiting this vulnerability could allow an attacker to execute...
The vulnerability of the GetValue function in the microprogramming software for LinkHub Mesh Wi-Fi AC1200 allows a hacker to execute arbitrary code.
The vulnerability of the GetValue function in the microprogramming software for LinkHub Mesh Wi-Fi AC1200 lies in the copying of buffers without checking the size of the input data during the processing of the rp-pppoe.so file. Exploiting this vulnerability allows a remote attacker to execute...
The vulnerability of the GetValue function in the microprogramming software for LinkHub Mesh Wi-Fi AC1200 allows a hacker to execute arbitrary code.
The vulnerability of the GetValue function in the microprogramming software for LinkHub Mesh Wi-Fi AC1200 lies in the copying of buffers without checking the size of the input data during the processing of the miniupnpd file. Exploiting this vulnerability could allow a remote attacker to execute...
The vulnerability of the GetValue function in the microprogramming software for LinkHub Mesh Wi-Fi AC1200 allows a hacker to execute arbitrary code.
The vulnerability of the GetValue function in the microprogramming software for LinkHub Mesh Wi-Fi AC1200 lies in the copying of buffers without checking the size of the input data during the processing of the pann file. Exploiting this vulnerability allows a remote attacker to execute arbitrary...