CVE-2020-11975

Apache Unomi allows conditions to use OGNL scripting which offers the possibility to call static Java classes from the JDK that could execute code with the permission level of the running Java process...

PT-2024-9311 · Dell · Dell Openmanage Server Administrator

Name of the Vulnerable Software and Affected Versions: Dell OpenManage Server Administrator versions 11.0.1.0 and prior Description: The issue is related to improper input validation, which could be exploited by a remote low-privileged malicious user to load any web plugins or Java class. This...

hsqldb: Untrusted input may lead to RCE attack

A flaw was found in the HSQLDB package. This flaw allows untrusted inputs to execute remote code due to any static method of any Java class in the classpath, resulting in code execution by default...

CVE-2024-10382 Arbitrary Code execution in Car App Android Jetpack Library

There exists a code execution vulnerability in the Car App Android Jetpack Library. CarAppService uses deserialization logic that allows construction of arbitrary java classes. This can lead to arbitrary code execution when combined with specific Java deserialization gadgets. An attacker needs to...

Butterfly's parseJSON, getJSON functions eval malicious input, leading to remote code execution (RCE)

Summary Usage of the Butterfly.prototype.parseJSON or getJSON functions on an attacker-controlled crafted input string allows the attacker to execute arbitrary JavaScript code on the server. Since Butterfly JavaScript code has access to Java classes, it can run arbitrary programs. Details The...

OpenMetadata 1.2.3 Authentication Bypass / SpEL Injection Exploit

This Metasploit module exploits OpenMetadata versions 1.2.3 and below by chaining an API authentication bypass using JWT tokens along with a SpEL injection vulnerability to achieve arbitrary command execution. This module requires Metasploit: https://metasploit.com/download Current source:...

OpenMetadata 1.2.3 Authentication Bypass / SpEL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenMetadata authentication bypass and SpEL injection exploit chain', 'Description' = %q OpenMetadata is a unified platform for discovery,...

OpenMetadata authentication bypass and SpEL injection exploit chain

OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. This module chains two vulnerabilities that exist in the OpenMetadata aplication. The first vulnerability, CVE-2024-28255,...

Expression Language Injection

OpenMetadata is vulnerable to Expression Language Injection. The vulnerability is due to in validateExpression function evaluates SpEL expressions using a StandardEvaluationContext, This enabling interaction with Java classes like java.lang.Runtime, ultimately resulting in Remote Code Execution...

CVE-2024-28254

OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. The ‎AlertUtil::validateExpression method evaluates an SpEL expression using getValue which by default uses the...

Fedora: Security Advisory for jakarta-oro (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 40 Update: jakarta-oro-2.0.8-44.fc40

The Jakarta-ORO Java classes are a set of text-processing Java classes that provide Perl5 compatible regular expressions, AWK-like regular expressions, glob expressions, and utility classes for performing substitutions, splits, filtering filenames, etc. This library is the successor to the...

[SECURITY] Fedora 40 Update: bsf-2.4.0-54.fc40

Bean Scripting Framework BSF is a set of Java classes which provides scripting language support within Java applications, and access to Java objects and methods from scripting languages. BSF allows one to write JSPs in languages other than Java while providing access to the Java class library. In...

Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus are vulnerable to a denial of service due to IBM MQ (CVE-2023-28513).

Summary Features requiring MQ client connectivity in IBM App Connect Enterprise and IBM Integration Bus are vulnerable to a denial of service due to IBM MQ CVE-2023-28513. The fix includes IBM Managed File Transfer and IBM MQ classes for Java at version 9.2.0.15 Vulnerability Details...

Arbitrary Code Execution

yamlbeans is vulnerable toArbitrary Code Execution. The vulnerability exists due to allowing arbitrary YAML tags by default which can represent arbitrary Java classes, which allows an attacker to execute arbitrary code if the application parses untrusted YAML files...

Esoteric YamlBeans Unsafe Deserialization vulnerability

An issue was discovered in Esoteric YamlBeans through 1.15. It allows untrusted deserialisation to Java classes by default, where the data and class are controlled by the author of the YAML document being processed...

GHSA-JM7R-4PG6-GF26 Esoteric YamlBeans Unsafe Deserialization vulnerability

An issue was discovered in Esoteric YamlBeans through 1.15. It allows untrusted deserialisation to Java classes by default, where the data and class are controlled by the author of the YAML document being processed...

CVE-2023-24621

An issue was discovered in Esoteric YamlBeans through 1.15. It allows untrusted deserialisation to Java classes by default, where the data and class are controlled by the author of the YAML document being processed...

CVE-2023-24621

An issue was discovered in Esoteric YamlBeans through 1.15. It allows untrusted deserialisation to Java classes by default, where the data and class are controlled by the author of the YAML document being processed...

CVE-2023-24621

An issue was discovered in Esoteric YamlBeans through 1.15. It allows untrusted deserialisation to Java classes by default, where the data and class are controlled by the author of the YAML document being processed...