Lucene search
K

240 matches found

RedHat Linux
RedHat Linux
added 2026/06/17 2:37 p.m.7 views

firefox: Integer overflow in the Networking: JAR component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Integer overflow in the Networking: JAR component...

9.8CVSS5.3AI score0.00605EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/17 8:14 a.m.5 views

firefox: Integer overflow in the Networking: JAR component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Integer overflow in the Networking: JAR component...

9.8CVSS5.3AI score0.00605EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/17 5:59 a.m.6 views

firefox: Integer overflow in the Networking: JAR component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Integer overflow in the Networking: JAR component...

9.8CVSS5.3AI score0.00605EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/05 7:11 p.m.7 views

CVE-2026-44088

SzafirHost verifies the signature of the downloaded JAR file using class JarInputStream reading from the beginning of the file, but loads classes using class JarFile/URLClassLoader reading the Central Directory from the end. It can lead to remote code execution by allowing an attacker to combine ...

8.6CVSS6.3AI score0.00445EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/02 6:20 p.m.6 views

CVE-2025-64390

A privilege escalation vulnerability exists in PlayStation 4 firmware versions 13.00 through 13.02. The BD-J Blu-ray Disc Java sandbox can be escaped through a malformed JAR file...

5.8AI score0.00085EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/02 4:1 p.m.11 views

CVE-2026-40564

Files or Directories Accessible to External Parties, Server-Side Request Forgery SSRF vulnerability in Apache Flink Kubernetes Operator. The FlinkSessionJob jarURI is currently not validated so that it points to user-owned files or addresses. This lets a user with CR create permissions read files...

6.5CVSS5.8AI score0.0049EPSS
Exploits3References1
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

Sony PlayStation 4 安全漏洞

The Sony PlayStation 4 is a home video game console developed by the Japanese company Sony. There were security vulnerabilities in the versions 13.00 to 13.02 of the Sony PlayStation 4. These vulnerabilities stemmed from the BD-J sandbox feature, which could allow an abnormal JAR file to escape,...

7.4CVSS5.4AI score0.00085EPSS
Exploits0References2
CVE
CVE
added 2026/05/17 11:30 a.m.30 views

CVE-2026-8751

Affected software: h2oai h2o-3 (versions before 7402). The issue lies in the JAR Handler component, specifically the importBinaryModel() function in h2o-core/src/main/java/hex/Model.java, where input manipulation can trigger deserialization. This enables remote exploitation, with the exploit publ...

9.8CVSS6.7AI score0.00409EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2026/05/15 9:16 a.m.13 views

CVE-2026-44088

SzafirHost verifies the signature of the downloaded JAR file using class JarInputStream reading from the beginning of the file, but loads classes using class JarFile/URLClassLoader reading the Central Directory from the end. It can lead to remote code execution by allowing an attacker to combine ...

8.6CVSS0.00445EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.8 views

Krajowa Izba Rozliczeniowa SzafirHost 代码问题漏洞

Krajowa Izba Rozliczeniowa SzafirHost is an electronic signature server component developed by the Polish company Krajowa Izba Rozliczeniowa. It provides certificate management and signature processing capabilities. Versions of Krajowa Izba Rozliczeniowa SzafirHost prior to 1.2.1 had code...

8.6CVSS6.2AI score0.00445EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/15 12:0 a.m.11 views

PT-2026-41271

SzafirHost verifies the signature of the downloaded JAR file using class JarInputStream reading from the beginning of the file, but loads classes using class JarFile/URLClassLoader reading the Central Directory from the end. It can lead to remote code execution by allowing an attacker to combine ...

8.6CVSS6.4AI score0.00445EPSS
Exploits0References3
Snyk
Snyk
added 2026/04/08 9:10 p.m.7 views

Arbitrary Command Injection

Overview @idachev/mcp-javadc is a Model Context Protocol MCP server for Java decompilation Affected versions of this package are vulnerable to Arbitrary Command Injection via the HTTP Interface component when processing the jarFilePath argument. An attacker can execute arbitrary operating system...

7.5CVSS6.1AI score0.01651EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.7 views

PT-2026-31446

A vulnerability was identified in idachev mcp-javadc up to 1.2.4. Impacted is an unknown function of the component HTTP Interface. Such manipulation of the argument jarFilePath leads to os command injection. It is possible to launch the attack remotely. The exploit is publicly available and might...

7.5CVSS5.6AI score0.01651EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.10 views

MCP Java Decompiler Server 操作系统命令注入漏洞

MCP Java Decompiler Server is a Java bytecode decompilation server developed by Ivan Dachev. Versions of MCP Java Decompiler Server 1.2.4 and earlier had a vulnerability related to operating system command injection. This vulnerability stemmed from the handling of the parameter jarFilePath in the...

7.5CVSS7.1AI score0.01651EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/03/05 8:48 p.m.7 views

CVE-2026-0848

NLTK versions =3.9.2 are vulnerable to arbitrary code execution due to improper input validation in the StanfordSegmenter module. The module dynamically loads external Java .jar files without verification or sandboxing. An attacker can supply or replace the JAR file, enabling the execution of...

10CVSS9.7AI score0.00777EPSS
Exploits3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2013-6130

Malware in sbrugna...

4CVSS6.4AI score0.01424EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2006-3614

Malware in sbrugna...

2.6CVSS6AI score0.03827EPSS
Exploits0References34
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2002-1292

Malware in sbrugna...

7.5CVSS6.4AI score0.03663EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2008-1964

Malware in sbrugna...

4CVSS6.4AI score0.02679EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-15721

Malware in sbrugna...

10CVSS9.5AI score0.04841EPSS
Exploits0References3
Rows per page
Query Builder