Lucene search
K

26 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/24 8:27 a.m.7 views

CVE-2025-11165

A sandbox escape vulnerability exists in dotCMS’s Velocity scripting engine VTools that allows authenticated users with scripting privileges to bypass class and package restrictions enforced by SecureUberspectorImpl. By dynamically modifying the Velocity engine’s runtime configuration and...

9.4CVSS5.9AI score0.00303EPSS
Exploits0References2Affected Software1
Gentoo Linux
Gentoo Linux
added 2026/01/26 12:0 a.m.11 views

Commons-BeanUtils: Arbitary Code Execution

Background Commons-beanutils provides easy-to-use wrappers around Reflection and Introspection APIs Description Multiple vulnerabilities have been discovered in Commons-BeanUtils. Please review the CVE identifiers referenced below for details. Impact A special BeanIntrospector class was added in...

8.8CVSS5.8AI score0.01495EPSS
Exploits1
OSV
OSV
added 2025/05/28 2:15 p.m.2 views

UBUNTU-CVE-2025-48734

Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class was added in version 1.9.2. This can be used to stop attackers from using the declared class property of Java enum objects to get access to the classloader. However this protection was not enabled by default...

8.8CVSS7AI score0.01495EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 6:3 a.m.4 views

SUSE CVE-2009-2475

Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, might allow context-dependent attackers to obtain sensitive information via vectors involving static variables that are declared without the final keyword, related to 1 LayoutQueue, 2 Cursor.predefined, 3...

7.8CVSS6.7AI score0.02318EPSS
Exploits0References5
GithubExploit
GithubExploit
added 2022/04/29 9:58 a.m.238 views

Exploit for Code Injection in Vmware Spring_Framework

漏洞简介 最近spring爆出重磅级CVE漏洞,cve信息显示"A Spring MVC or Spring WebFl...

9.8CVSS9.3AI score0.99677EPSS
Exploits105
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.46 views

openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2013:0777-1)

java-160-openjdk was updated to 1.12.5 bnc817157 - Security fixes - S6657673, CVE-2013-1518: Issues with JAXP - S7200507: Refactor Introspector internals - S8000724, CVE-2013-2417: Improve networking serialization - S8001031, CVE-2013-2419: Better font processing - S8001040, CVE-2013-1537: Rework...

10CVSS7.1AI score0.86963EPSS
Exploits15References21
RedHat Linux
RedHat Linux
added 2014/04/17 11:30 a.m.6 views

OpenJDK: MBeanServer Introspector package access (JMX, 8008124)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect integrity via vectors related to JMX. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented ...

5CVSS6.8AI score0.04552EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2013/10/23 4:26 p.m.4 views

OpenJDK: MBeanServer Introspector package access (JMX, 8008124)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect integrity via vectors related to JMX. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented ...

5CVSS6.8AI score0.04552EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2013/10/23 4:26 p.m.7 views

OpenJDK: MBeanServer Introspector package access (JMX, 8008124)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect integrity via vectors related to JMX. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented ...

5CVSS6.8AI score0.04552EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2013/07/15 8:32 p.m.7 views

OpenJDK: MBeanServer Introspector package access (JMX, 8008124)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect integrity via vectors related to JMX. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented ...

5CVSS6.8AI score0.04552EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2013/07/15 8:29 p.m.6 views

OpenJDK: MBeanServer Introspector package access (JMX, 8008124)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect integrity via vectors related to JMX. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented ...

5CVSS6.8AI score0.04552EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2013/07/03 5:4 p.m.6 views

OpenJDK: MBeanServer Introspector package access (JMX, 8008124)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect integrity via vectors related to JMX. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented ...

5CVSS6.8AI score0.04552EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2013/06/20 2:42 p.m.5 views

OpenJDK: MBeanServer Introspector package access (JMX, 8008124)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect integrity via vectors related to JMX. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented ...

5CVSS6.8AI score0.04552EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2013/06/20 12:0 a.m.5 views

OpenJDK: MBeanServer Introspector package access (JMX, 8008124)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect integrity via vectors related to JMX. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented ...

5CVSS6.8AI score0.04552EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2013/06/19 11:56 p.m.3 views

OpenJDK: MBeanServer Introspector package access (JMX, 8008124)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect integrity via vectors related to JMX. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented ...

5CVSS6.8AI score0.04552EPSS
Exploits0References5
Prion
Prion
added 2013/06/18 10:55 p.m.22 views

Design/Logic Flaw

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect integrity via vectors related to JMX. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented ...

5CVSS6AI score0.04552EPSS
Exploits0References25Affected Software2
Cvelist
Cvelist
added 2013/06/18 10:0 p.m.27 views

CVE-2013-2453

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect integrity via vectors related to JMX. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented ...

8.5AI score0.04552EPSS
Exploits0References25
Saint
Saint
added 2013/03/04 12:0 a.m.121 views

Java MBeanInstantiator findClass and Introspector Sandbox Escape

Added: 03/04/2013 CVE: CVE-2013-0431 BID: 57726 OSVDB: 89613 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Probl...

10CVSS8.3AI score0.97612EPSS
Exploits44
Saint
Saint
added 2013/03/04 12:0 a.m.47 views

Java MBeanInstantiator findClass and Introspector Sandbox Escape

Added: 03/04/2013 CVE: CVE-2013-0431 BID: 57726 OSVDB: 89613 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Probl...

5.3CVSS9.8AI score0.89987EPSS
Exploits8
Saint
Saint
added 2013/03/04 12:0 a.m.59 views

Java MBeanInstantiator findClass and Introspector Sandbox Escape

Added: 03/04/2013 CVE: CVE-2013-0431 BID: 57726 OSVDB: 89613 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Probl...

10CVSS8.3AI score0.97612EPSS
Exploits44
Rows per page
Query Builder