Lucene search
K

5 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/18 8:58 p.m.13 views

CVE-2026-27130

Dokploy is a free, self-hostable Platform as a Service PaaS. Versions 0.26.6 and below have OS command injection through the appName parameter. 3 chained issues cause this problem: inadequate input sanitization, lack of schema validation and direct shell interpolation. User-controlled application...

9.9CVSS5.8AI score0.00985EPSS
Exploits0References3Affected Software1
RedHat Linux
RedHat Linux
added 2023/05/18 1:1 p.m.9 views

apache-commons-text: variable interpolation RCE

A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code...

9.8CVSS7.4AI score0.99931EPSS
Exploits42References7
RedHat Linux
RedHat Linux
added 2023/05/03 3:54 p.m.9 views

apache-commons-configuration: Apache Commons Configuration insecure interpolation defaults

A flaw was found in Apache Commons Configuration's variable interpolation, which by default included several lookup actions that could permit script invocation on remote servers. This issue could allow an attacker to use one of these actions to send a request to execute arbitrary code on the serv...

9.8CVSS7.3AI score0.42646EPSS
Exploits3References4
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/19 11:52 a.m.72 views

Security Bulletin: IBM Spectrum Conductor is vulnerable to arbitrary code execution [CVE-2022-42889]

Summary Apache Commons Text is used by IBM Spectrum Conductor in Spark 3.0.1. This bulletin provides interim fixes which include Apache Commons Text 1.10.0 to fix arbitrary code execution in IBM Spectrum Conductor. CVE-2022-42889 Vulnerability Details CVEID:CVE-2022-42889 DESCRIPTION: Apache...

9.8CVSS9.8AI score0.99931EPSS
Exploits42Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/02 2:15 a.m.81 views

Security Bulletin: IBM SPSS Modeler is vulnerable to Apache Commons Text [CVE-2022-42889]

Summary Apache Commons Text is used by IBM SPSS Modeler as part of the spark function. This vulnerability is addressed. CVE-2022-42889 Vulnerability Details CVEID:CVE-2022-42889 DESCRIPTION: Apache Commons Text could allow a remote attacker to execute arbitrary code on the system, caused by an...

9.8CVSS9.8AI score0.99931EPSS
Exploits42Affected Software1
Rows per page
Query Builder