activemq: improper authentication allows MITM attack

Apache ActiveMQ uses LocateRegistry.createRegistry to create the JMX RMI registry and binds the server to the "jmxrmi" entry. It is possible to connect to the registry without authentication and call the rebind method to rebind jmxrmi to something else. If an attacker creates another server to...

activemq: improper authentication allows MITM attack

Apache ActiveMQ uses LocateRegistry.createRegistry to create the JMX RMI registry and binds the server to the "jmxrmi" entry. It is possible to connect to the registry without authentication and call the rebind method to rebind jmxrmi to something else. If an attacker creates another server to...

Deserialization of Untrusted Data in Apache jUDDI

Apache jUDDI uses several classes related to Java's Remote Method Invocation RMI which as an extension to UDDI provides an alternate transport for accessing UDDI services. RMI uses the default Java serialization mechanism to pass parameters in RMI invocations. A remote attacker can send a malicio...

GHSA-9HX8-2MRV-R674 Deserialization of Untrusted Data in Apache jUDDI

Apache jUDDI uses several classes related to Java's Remote Method Invocation RMI which as an extension to UDDI provides an alternate transport for accessing UDDI services. RMI uses the default Java serialization mechanism to pass parameters in RMI invocations. A remote attacker can send a malicio...

PT-2021-20483 · Neo4J · Neo4J

Name of the Vulnerable Software and Affected Versions: Neo4j versions prior to 3.4.18 Description: The issue allows for remote code execution due to the arbitrary deserialization of Java objects. This can be achieved through the setSessionVariable function, which is part of the RMI service expose...

Design/Logic Flaw

Apache jUDDI uses several classes related to Java's Remote Method Invocation RMI which as an extension to UDDI provides an alternate transport for accessing UDDI services. RMI uses the default Java serialization mechanism to pass parameters in RMI invocations. A remote attacker can send a malicio...

CVE-2021-37578 Remote code execution via RMI

Apache jUDDI uses several classes related to Java's Remote Method Invocation RMI which as an extension to UDDI provides an alternate transport for accessing UDDI services. RMI uses the default Java serialization mechanism to pass parameters in RMI invocations. A remote attacker can send a malicio...

Critical Jira Flaw in Atlassian Could Lead to RCE

Atlassian has dropped a patch for a critical vulnerability in many versions of its Jira Data Center and Jira Service Management Data Center products, which can lead to arbitrary code execution. Atlassian is a platform that’s used by 180,000 customers to engineer software and manage projects, and...

CVE-2021-30179

Apache Dubbo CVE-2021-30179 affects versions prior to 2.6.9 and 2.7.9. The vulnerability arises because GenericFilter allows generic calls to arbitrary methods on provider interfaces, using Java Reflection. The invocation of $invoke/$invokeAsync uses a first argument method name, parameter types,...

Information Exposure

Overview foremanansible is an Ansible integration with Foreman. Affected versions of this package are vulnerable to Information Exposure. A flaw was found in Red Hat Satellite's Job Invocation, where the "User Input" entry was not properly restricted to the view. This flaw allows a malicious...

CVE-2020-10716

A flaw was found in Red Hat Satellite's Job Invocation, where the "User Input" entry was not properly restricted to the view. This flaw allows a malicious Satellite user to scan through the Job Invocation, with the ability to search for passwords and other sensitive data. This flaw affects...

CVE-2020-10716

A flaw was found in Red Hat Satellite's Job Invocation, where the "User Input" entry was not properly restricted to the view. This flaw allows a malicious Satellite user to scan through the Job Invocation, with the ability to search for passwords and other sensitive data. This flaw affects...

Design/Logic Flaw

A flaw was found in Red Hat Satellite's Job Invocation, where the "User Input" entry was not properly restricted to the view. This flaw allows a malicious Satellite user to scan through the Job Invocation, with the ability to search for passwords and other sensitive data. This flaw affects...

CVE-2020-10716

A flaw was found in Red Hat Satellite's Job Invocation, where the "User Input" entry was not properly restricted to the view. This flaw allows a malicious Satellite user to scan through the Job Invocation, with the ability to search for passwords and other sensitive data. This flaw affects...

CVE-2020-10716

CVE-2020-10716 describes a UI access-control flaw in Red Hat Satellite’s Job Invocation: the "User Input" entry is not properly restricted to the view, allowing a user with access to Job Invocation to scan the invocation and search for passwords or other sensitive data. Affected: tfm-rubygem-fore...

PT-2021-9171 · Red Hat · Tfm-Rubygem-Foreman Ansible

Name of the Vulnerable Software and Affected Versions: Red Hat Satellite tfm-rubygem-foreman ansible versions prior to 4.0.3.4 Description: A flaw in Red Hat Satellite's Job Invocation allows a malicious user to scan through the invocation, potentially searching for passwords and other sensitive...

UBUNTU-CVE-2021-32556

It was discovered that the getmodifiedconffiles function in backends/packaging-apt-dpkg.py allowed injecting modified package names in a manner that would confuse the dpkg1 call...

GHSA-6G88-99WJ-8MGG Command injection in Apache Flink

A vulnerability in Apache Flink where, when running a process with an enabled JMXReporter, with a port configured via metrics.reporter.reportername.port, an attacker with local access to the machine and JMX port can execute a man-in-the-middle attack using a specially crafted request to rebind th...

GHSA-6QFG-8799-R575 Kubernetes kubectl cp Vulnerable to Symlink Attack

The Kubernetes kubectl cp command in versions 1.1-1.12, and versions prior to 1.13.11, 1.14.7, and 1.15.4 allows a combination of two symlinks provided by tar output of a malicious container to place a file outside of the destination directory specified in the kubectl cp invocation. This could be...

function swapTo doesn't have a re-entrancy modifier

Handle paulius.eth Vulnerability details Impact function swap has a nonReentrant modifier but function swapTo doesn't. swapTo is a public function so it can be invoked directly. Recommended Mitigation Steps I guess it was meant to be the opposite as swap just invokes swapTo so it could...