
950 matches found

NVD
added 2020/05/21 11:15 p.m. | 22 views

CVE-2020-1103

An information disclosure vulnerability exists where certain modes of the search function in Microsoft SharePoint Server are vulnerable to cross-site search attacks, a variant of cross-site request forgery (CSRF). When users are simultaneously logged in to Microsoft SharePoint Server and visit a...

CVSS 6.5 | AI score 6.4 | EPSS 0.10137
Exploits 1 | References 1

RedHat Linux
added 2020/05/18 10:24 a.m. | 1 view

jackson-databind: Serialization gadgets in org.aoju.bus.proxy.provider.*.RmiProvider

A flaw was found in jackson-databind 2.x prior to version 2.9.10.4. The interaction between serialization gadgets and typing is mishandled in the bus-proxy. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

CVSS 8.8 | AI score 7.1 | EPSS 0.03824
Exploits 0 | References 4

Veracode
added 2020/05/01 1:48 a.m. | 23 views

Information Disclosure

Red Hat Satellite's Job Invocation is vulnerable to information disclosure. The User Input entry was not properly restricted to the view. This flaw allows a malicious Satellite user to scan through the Job Invocation, with the ability to search for passwords and other sensitive data...

CVSS 6.5 | AI score 0.9 | EPSS 0.00156
Exploits 0 | References 4 | Affected Software 263

CNVD
added 2020/04/26 12:0 a.m. | 10 views

Red Hat Satellite Job Invocation Authorization Issue Vulnerability

Red Hat Satellite is a system management platform from Red Hat, Inc. that extends the Linux infrastructure and provides system management capabilities such as administration, configuration, and monitoring...

CVSS 6.5 | AI score 7.6 | EPSS 0.00156
Exploits 0 | References 1

RedhatCVE
added 2020/04/23 6:0 p.m. | 34 views

CVE-2020-10716

A flaw was found in Red Hat Satellite's Job Invocation, where the "User Input" entry was not properly restricted to the view. This flaw allows a malicious Satellite user to scan through the Job Invocation, with the ability to search for passwords and other sensitive data...

CVSS 4 | AI score 1.4 | EPSS 0.00156
Exploits 0 | References 4

RedHat Linux
added 2020/04/21 11:7 a.m. | 2 views

tomcat: local privilege escalation

A privilege escalation flaw was found in Tomcat when the JMX Remote Lifecycle Listener was enabled. A local attacker without access to the Tomcat process or configuration files could be able to manipulate the RMI registry to perform a man-in-the-middle attack. The attacker could then capture user...

CVSS 7 | AI score 7.1 | EPSS 0.00481
Exploits 0 | References 8

RedHat Linux
added 2020/04/16 7:46 p.m. | 1 view

jackson-databind: Serialization gadgets in org.aoju.bus.proxy.provider.*.RmiProvider

A flaw was found in jackson-databind 2.x prior to version 2.9.10.4. The interaction between serialization gadgets and typing is mishandled in the bus-proxy. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

CVSS 8.8 | AI score 7.1 | EPSS 0.03824
Exploits 0 | References 4

CVE
added 2020/04/15 1:29 p.m. | 162 views

CVE-2020-2915

CVE-2020-2915 affects Oracle Coherence within Oracle Fusion Middleware (Caching, CacheStore, Invocation). Affected versions are 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0. The issue allows an unauthenticated attacker with network access via IIOP/T3 to compromise Oracle Coherence, potentially tak...

CVSS 9.8 | AI score 9 | EPSS 0.03194
Exploits 0 | References 1 | Affected Software 1

RedHat Linux
added 2020/04/14 1:24 p.m. | 2 views

rubygem-foreman_ansible: "User input" entry from Job Invocation may contain sensitive data

A flaw was found in Red Hat Satellite's Job Invocation, where the "User Input" entry was not properly restricted to the view. This flaw allows a malicious Satellite user to scan through the Job Invocation, with the ability to search for passwords and other sensitive data...

CVSS 6.5 | AI score 5.7 | EPSS 0.00156
Exploits 0 | References 5

OSV
added 2020/03/31 5:15 a.m. | 0 views

UBUNTU-CVE-2020-11112

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider aka apache/commons-proxy...

CVSS 8.8 | AI score 7.2 | EPSS 0.06772
Exploits 0 | References 5

OSV
added 2020/03/26 1:15 p.m. | 1 view

DEBIAN-CVE-2020-10968

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider aka bus-proxy...

CVSS 8.8 | AI score 7.1 | EPSS 0.03824
Exploits 0 | References 1

RedHat Linux
added 2020/03/10 12:2 p.m. | 3 views

ansible: sub parameters marked as no_log are not masked in certain failure scenarios

A flaw was found in ansible. When a module has an argument_spec with sub parameters marked as no_log, passing an invalid parameter name to the module will cause the task to fail before the no_log options in the sub parameters are processed. As a result, data in the sub parameter fields will not be...

CVSS 7.3 | AI score 7.2 | EPSS 0.00078
Exploits 0 | References 4

CNVD
added 2020/03/09 12:0 a.m. | 2 views

Dell Security Management Server Code Issue Vulnerability

Dell Security Management Server is a data security management solution from Dell. A code issue vulnerability exists in Dell Security Management Server versions prior to 10.2.10. The vulnerability stems from an improperly designed or implemented code development process for a network system o...

CVSS 9.8 | AI score 7.5 | EPSS 0.05044
Exploits 0 | References 1

CNVD
added 2020/02/24 12:0 a.m. | 0 views

vRealize Operations for Horizon Adapter Remote Code Execution Vulnerability

VMware vRealize Operations is operations management software that spans physical, virtual, and cloud environments and supports network environments based on vSphere, Hyper-V, or Amazon Web Services. A security vulnerability exists in vRealize Operations for Horizon Adapter versions 6.7.x prior to...

CVSS 9.8 | AI score 7.5 | EPSS 0.01728
Exploits 0 | References 1

ATTACKERKB
added 2020/02/13 12:0 a.m. | 10 views

.NET Partial-Trust bypass via browser command-line injection in System.Windows.Forms.Help

A command-line injection vulnerability exists in the core .NET class System.Windows.Forms.Help::ShowHelp function allowing an attacker without “UnmanagedCode” permission to nevertheless directly control arguments passed to a “ShellExecute” invocation of the users’ default browser. This...

AI score 4.7
Exploits 0 | References 1

CERT
added 2020/02/12 12:0 a.m. | 89 views

IBM ServeRAID Manager exposes unauthenticated Java Remote Method Invocation (RMI) service

Overview: IBM ServeRAID Manager version 9.30-17006 and prior exposes a Java RMI that allows a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description: IBM ServeRAID Manager includes an embedded instance of Java version 1.4.2. Both ServeRAID Manager and Java...

CVSS 7.5 | AI score 9.6 | EPSS 0.87065
Exploits 4 | References 3

Gitee
added 2020/02/05 1:43 a.m. | 9 views

Exploit for Deserialization of Untrusted Data in Oracle Weblogic_Server

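ysoserial-cve-2018-2628 0x1. Preparation - Prepare the software environment needed for the POC script, Payload Object generation, and running JRMPListener: Python 2.7.x, Oracle Java SE 1.7+ - Prepare a WebLogic Server 10.3.6 environment with the Patch Set Update 180417 patch installed (AdminServer alone is sufficient). If you already have a WebLogic environment with this PSU version installed, you can skip this step. - Prepare the POC tool: download the POC script (wls-cve-2018-2628-poc.py) from this project...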

CVSS 9.8 | AI score 6.9 | EPSS 0.94422
Exploits 76

Debian CVE
added 2020/02/03 3:35 p.m. | 29 views

CVE-2019-11251

The Kubernetes kubectl cp command in versions 1.1-1.12, and versions prior to 1.13.11, 1.14.7, and 1.15.4 allows a combination of two symlinks provided by tar output of a malicious container to place a file outside of the destination directory specified in the kubectl cp invocation. This could be...

CVSS 5.7 | AI score 6 | EPSS 0.02647
Exploits 0

Prion
added 2020/01/15 5:15 p.m. | 42 views

Design/Logic Flaw

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware component: Caching,CacheStore,Invocation. Supported versions that are affected are 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 ...

CVSS 7.5 | AI score 9.1 | EPSS 0.93141
Exploits 26 | References 8 | Affected Software 8

ATTACKERKB
added 2020/01/15 12:0 a.m. | 187 views

CVE-2020-2555

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware component: Caching,CacheStore,Invocation. Supported versions that are affected are 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 ...

CVSS 10 | AI score 10 | EPSS 0.94454
In wild | Exploits 69 | References 10