Lucene search
K

19 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:33 a.m.5 views

CVE-2024-39015

cafebazaar hod v0.4.14 was discovered to contain a prototype pollution via the function request. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

9.8CVSS8.2AI score0.00691EPSS
Exploits0References1
Veracode
Veracode
added 2024/07/02 8:10 a.m.12 views

Prototype Pollution

@cafebazaar/hod is vulnerable to Prototype Pollution. The vulnerability is due to missing checks in the request function, allowing attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

9.8CVSS7.7AI score0.00691EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2024/07/01 1:15 p.m.19 views

CVE-2024-39015

cafebazaar hod v0.4.14 was discovered to contain a prototype pollution via the function request. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

9.8CVSS0.00691EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/01 12:0 a.m.9 views

CVE-2024-39015

cafebazaar hod v0.4.14 was discovered to contain a prototype pollution via the function request. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

8.2AI score0.00691EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/07/01 12:0 a.m.4 views

hod security breach

hod is an open source library from Cafe Bazaar. A security vulnerability exists in hod version v0.4.14, which originates from the inclusion of prototype contamination via the function request, allowing an attacker to execute arbitrary code or cause a denial of service DoS by injecting arbitrary...

9.8CVSS7.7AI score0.00691EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/07/01 12:0 a.m.4 views

PT-2024-28325 · Unknown · Cafebazaar Hod

Name of the Vulnerable Software and Affected Versions: cafebazaar hod version 0.4.14 Description: The issue allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties through a prototype pollution vulnerability in the request function...

9.8CVSS8.2AI score0.00691EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/07/01 12:0 a.m.21 views

CVE-2024-39015

cafebazaar hod v0.4.14 was discovered to contain a prototype pollution via the function request. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

0.00691EPSS
Exploits0References1
CVE
CVE
added 2024/07/01 12:0 a.m.49 views

CVE-2024-39015

CVE-2024-39015 concerns cafebazaar hod v0.4.14, where a prototype pollution flaw in the request function allows an attacker to execute arbitrary code or cause a DoS by injecting arbitrary properties. The Red Hat and Veracode records corroborate the prototype pollution issue in hod and the involve...

9.8CVSS8.3AI score0.00691EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/02 2:16 p.m.31 views

Security Bulletin: Vulnerability in IBM Semeru Runtime affects Host On-Demand

Summary There is a vulnerability in IBM Semeru Runtime Quarterly Critical Patch Update - Jan 2024 - Includes OpenJDK Jan 2024 Critical Patch Update. Host On-Demand has addressed the applicable CVE plus CVE-2024-22361. Vulnerability Details CVEID:CVE-2024-20952 DESCRIPTION: An unspecified...

7.5CVSS6.6AI score0.00918EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/28 4:18 p.m.41 views

Security Bulletin: Vulnerabilities in IBM Semeru Runtime affects Host On-Demand

Summary There is a vulnerability in IBM Semeru Runtime used by Host On-Demand. Host On-Demand has provided a fix for the applicable CVE. These issues were disclosed as part of the IBM Semeru Runtime Quarterly CPU - Apr 2023 - Includes OpenJDK April 2023 CPU. Vulnerability Details...

7.4CVSS7.2AI score0.01295EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/01/28 6:45 p.m.42 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Host On-Demand

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by Host On-Demand. Host On-Demand has addressed the applicable CVEs. These issues were disclosed as part of the IBM Java SDK and Runtime Environment updates in July 2020. Vulnerability Details CVEID:...

4.3CVSS2.5AI score0.04044EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/04/30 3:6 p.m.23 views

Security Bulletin: Vulnerability in IBM Java Runtime affects Host On-Demand

Summary There is a vulnerability in IBM® Runtime Environment Java™ Version 8 used by Host On-Demand. Host On-Demand has addressed the applicable CVE. The issue was disclosed as part of the IBM Java SDK and Runtime Environment updates in January 2020. Vulnerability Details CVEID: CVE-2019-4732...

7.2CVSS2.6AI score0.00561EPSS
Exploits0Affected Software1
exploitpack
exploitpack
added 2009/07/17 12:0 a.m.26 views

Easy RM to MP3 Converter - .m3u Universal Stack Overflow

Easy RM to MP3 Converter - .m3u Universal Stack Overflow !/usr/bin/perl Easy RM to MP3 Converter .m3u file Universall Stack Overflow Exploit it's so diferent to the first exploit .pls by stack xd Alpha zrebti 3liha :d Thnx to Zigma & His0k4 & HOD my $header=...

0.8AI score
Exploits0
Packet Storm
Packet Storm
added 2009/07/17 12:0 a.m.22 views

Easy RM To MP3 Converter Stack Overflow

!/usr/bin/perl Easy RM to MP3 Converter .m3u file Universall Stack Overflow Exploit it's so diferent to the first exploit .pls by stack xd Alpha zrebti 3liha :d Thnx to Zigma & His0k4 & HOD my $header= "\x23\x45\x58\x54\x4D\x33\x55\x0D\x0A\x23\x45\x58\x54\x49\x4E\x46"...

0.6AI score
Exploits0
Exploit DB
Exploit DB
added 2009/07/17 12:0 a.m.33 views

Easy RM to MP3 Converter - '.m3u' Universal Stack Overflow

!/usr/bin/perl Easy RM to MP3 Converter .m3u file Universall Stack Overflow Exploit it's so diferent to the first exploit .pls by stack xd Alpha zrebti 3liha :d Thnx to Zigma & His0k4 & HOD my $header= "\x23\x45\x58\x54\x4D\x33\x55\x0D\x0A\x23\x45\x58\x54\x49\x4E\x46"...

7.4AI score
Exploits0
0day.today
0day.today
added 2009/04/13 12:0 a.m.17 views

WM Downloader 3.0.0.9 (.m3u) Universal Stack Overflow Exploit

Exploit for unknown platform in category local exploits =========================================================== WM Downloader 3.0.0.9 .m3u Universal Stack Overflow Exploit =========================================================== / WM Downloader Version 3.0.0.9 .m3u Universal Stack Overflow...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2006/12/12 12:0 a.m.34 views

ibmwebsphere-bypass.txt

SUMMARY Vulnerability found in: IBM WebSphere Host On-Demand HOD Type: Unauthorized, remote access to HOD administration pages Applies to: Version 6.0, 7.0, 8.0, and 9.0 possibly 10.0 Severity Level: High Exploit Difficulty: Very Low Initial Vendor Notification: approximately 11/3/2006 Discovered...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2006/12/12 12:0 a.m.46 views

IBM WebSphere Host On-Demand绕过认证执行管理功能漏洞

IBM WebSphere Host On-Demand(HOD)允许从启用了Java的Web浏览器访问主机应用和数据。 HOD在用户认证的实现上存在设计问题,远程攻击者可能利用此漏洞轻易绕过访问验证非授权操作管理功能。 HOD中用于处理用户认证的applet通常位于https://server/hod/HODAdmin.html...

6.9AI score
Exploits0
securityvulns
securityvulns
added 2006/12/11 12:0 a.m.55 views

Unauthenticated access to IBM Host On-Demand administration pages

SUMMARY Vulnerability found in: IBM WebSphere Host On-Demand HOD Type: Unauthorized, remote access to HOD administration pages Applies to: Version 6.0, 7.0, 8.0, and 9.0 possibly 10.0 Severity Level: High Exploit Difficulty: Very Low Initial Vendor Notification: approximately 11/3/2006 Discovered...

0.6AI score
Exploits0
Rows per page
Query Builder