
194 matches found

CVE
added 2017/10/12 1:0 p.m. | 48 views

CVE-2017-9514

CVE-2017-9514 affects Atlassian Bamboo. A REST endpoint could parse YAML and did not adequately restrict loaded classes, enabling an authenticated user to execute Java code on vulnerable Bamboo versions. Affected ranges: 6.0.x before 6.0.5, 6.1.x before 6.1.4, and 6.2.x before 6.2.1. Remediation ...

CVSS 8.8 | AI score 8.7 | EPSS 0.01046
Exploits: 1 | References: 2 | Affected Software: 1

UbuntuCve
added 2017/04/06 9:59 p.m. | 37 views

CVE-2016-6809

Apache Tika before 1.14 allows Java code execution for serialized objects embedded in MATLAB files. The issue exists because Tika invokes JMatIO to do native deserialization...

CVSS 9.8 | AI score 7.5 | EPSS 0.0809
Exploits: 2 | References: 2

Prion
added 2017/04/06 9:59 p.m. | 20 views

Deserialization of untrusted data

Apache Tika before 1.14 allows Java code execution for serialized objects embedded in MATLAB files. The issue exists because Tika invokes JMatIO to do native deserialization...

CVSS 7.5 | AI score 9.5 | EPSS 0.0809
Exploits: 2 | References: 8 | Affected Software: 2

NVD
added 2017/04/06 9:59 p.m. | 27 views

CVE-2016-6809

Apache Tika before 1.14 allows Java code execution for serialized objects embedded in MATLAB files. The issue exists because Tika invokes JMatIO to do native deserialization...

CVSS 9.8 | AI score 9.7 | EPSS 0.0809
Exploits: 2 | References: 8

OSV
added 2017/04/06 9:59 p.m. | 29 views

CVE-2016-6809

Apache Tika before 1.14 allows Java code execution for serialized objects embedded in MATLAB files. The issue exists because Tika invokes JMatIO to do native deserialization...

CVSS 9.8 | AI score 7.2
Exploits: 0 | References: 8

Cvelist
added 2017/04/06 9:0 p.m. | 42 views

CVE-2016-6809

Apache Tika before 1.14 allows Java code execution for serialized objects embedded in MATLAB files. The issue exists because Tika invokes JMatIO to do native deserialization...

AI score 9.7 | EPSS 0.0809
Exploits: 2 | References: 8

CVE
added 2017/04/06 9:0 p.m. | 117 views

CVE-2016-6809

Apache Tika prior to 1.14 is vulnerable to remote Java code execution via serialized objects embedded in MATLAB files. The root cause is native deserialization invoked through JMatIO, enabling an attacker to inject and execute code during object deserialization. Public references in the connected...

CVSS 9.8 | AI score 9.4 | EPSS 0.0809
Exploits: 2 | References: 8 | Affected Software: 2

Debian CVE
added 2017/04/06 9:0 p.m. | 22 views

CVE-2016-6809

Apache Tika before 1.14 allows Java code execution for serialized objects embedded in MATLAB files. The issue exists because Tika invokes JMatIO to do native deserialization...

CVSS 9.8 | AI score 8.1 | EPSS 0.0809
Exploits: 2

Atlassian
added 2017/03/10 4:31 a.m. | 834 views

Apache Struts 2 Remote Code Execution (CVE-2017-5638)

Description: Crowd used a version of Struts 2 that was vulnerable to CVE-2017-5638 (https://cwiki.apache.org/confluence/display/WW/S2-045). Attackers can use this vulnerability to execute Java code of their choice on systems that have a vulnerable version of Crowd. Affected versions: All versions of...

CVSS 10 | AI score 1.4 | EPSS 0.99999
Exploits: 44 | Affected Software: 1

exploitpack
added 2017/01/21 12:0 a.m. | 30 views

Microsoft Power Point 2016 - Java Code Execution

Microsoft Power Point 2016 - Java Code Execution Exploit Title: Microsoft Power Point Java Payload Code Execution Exploit Author: Fady Mohamed Osman @fadyosman Exploit-db : http://www.exploit-db.com/author/?a=2986 Demo Video : https://www.youtube.com/watch?v=DOJSUJK7hRo Video Tutorial :...

AI score 7.8
Exploits: 0

Exploit DB
added 2017/01/21 12:0 a.m. | 96 views

Microsoft Power Point 2016 - Java Code Execution

Exploit Title: Microsoft Power Point Java Payload Code Execution Exploit Author: Fady Mohamed Osman @fadyosman Exploit-db : http://www.exploit-db.com/author/?a=2986 Demo Video : https://www.youtube.com/watch?v=DOJSUJK7hRo Video Tutorial : https://www.youtube.com/watch?v=Lih-iuXgEM Youtube Channel...

AI score 7.4
Exploits: 0

Japan Vulnerability Notes
added 2017/01/20 5:1 a.m. | 3 views

Java (OGNL) code execution in Apache Struts 2 when devMode is enabled

Overview: Apache Struts 2, provided by the Apache Software Foundation, is a software framework for creating Java web applications. There is a known risk that arbitrary Java OGNL code may be executed in Apache Struts 2 when devMode is enabled in a production environment. It is confirmed that...

CVSS 6.8 | AI score 7.4
Exploits: 0 | References: 4

RedhatCVE
added 2016/11/11 9:17 a.m. | 45 views

CVE-2016-6809

Apache Tika before 1.14 allows Java code execution for serialized objects embedded in MATLAB files. The issue exists because Tika invokes JMatIO to do native deserialization...

CVSS 9.8 | AI score 4.2 | EPSS 0.0809
Exploits: 2 | References: 1

BDU FSTEC
added 2016/09/07 12:0 a.m. | 4 views

The vulnerability of the microprogramming software of the DELL SonicWALL Universal Management Appliance em5000 and the DELL SonicWALL Global Management System allows an intruder to execute arbitrary Java code.

The vulnerability of the CLIServer microprogramming software for automated network management by DELL SonicWALL Universal Management Appliance em5000, as well as the DELL SonicWALL Global Management System, is related to the lack of measures for input data cleansing. Exploiting this vulnerability...

CVSS 10 | AI score 8.2 | EPSS 0.06437
Exploits: 0 | References: 3 | Affected Software: 2

CNVD
added 2016/04/12 12:0 a.m. | 3 views

Apache OFBiz Security Bypass Vulnerability

Apache OFBiz, also known as the Apache Open For Business Project, is an enterprise resource planning (ERP) system from the Apache Software Foundation in the United States. The system provides a set of Java-based Web application components and tools. A security bypass vulnerability exists in Apache...

CVSS 9.8 | AI score 7.3 | EPSS 0.12683
Exploits: 0 | References: 1

Packet Storm
added 2016/02/11 12:0 a.m. | 36 views

Wieland wieplan 4.1 Document Parsing Java Code Execution Using XMLDecoder

Wieland wieplan 4.1 Document Parsing Java Code Execution Using XMLDecoder Vendor: Wieland Electric GmbH Product web page: http://www.wieland-electric.com Affected version: 4.1 Build 9 Summary: Your new software for the configuration of Wieland terminal rails. wieplan enables you to plan a...

AI score 0.2
Exploits: 0

0day.today
added 2016/02/10 12:0 a.m. | 32 views

Wieland wieplan 4.1 - Document Parsing Java Code Execution Using XMLDecoder

Exploit for multiple platform in category local exploits Wieland wieplan 4.1 Document Parsing Java Code Execution Using XMLDecoder Vendor: Wieland Electric GmbH Product web page: http://www.wieland-electric.com Affected version: 4.1 Build 9 Summary: Your new software for the configuration of...

AI score 6.9
Exploits: 0

Exploit DB
added 2016/02/10 12:0 a.m. | 37 views

Wieland wieplan 4.1 - Document Parsing Java Code Execution Using XMLDecoder

Wieland wieplan 4.1 Document Parsing Java Code Execution Using XMLDecoder Vendor: Wieland Electric GmbH Product web page: http://www.wieland-electric.com Affected version: 4.1 Build 9 Summary: Your new software for the configuration of Wieland terminal rails. wieplan enables you to plan a complet...

AI score 7.4
Exploits: 0

Zero Science Lab
added 2016/02/10 12:0 a.m. | 41 views

Wieland wieplan 4.1 Document Parsing Java Code Execution Using XMLDecoder

Summary Your new software for the configuration of Wieland terminal rails. wieplan enables you to plan a complete terminal rail in a very simple way and to then place an order with Wieland. The configured terminal rail can be stored in DXF format and read into a CAD tool for further processing. D...

AI score 6.3
Exploits: 0

ATTACKERKB
added 2015/11/21 11:59 a.m. | 1 views

CVE-2015-7913

agserverservice.exe in the AggreGate Server Service in Tibbo AggreGate before 5.30.06 allows local users to execute arbitrary Java code with SYSTEM privileges by using the Apache Axis AdminService deployment method to publish a class...

CVSS 7.2 | AI score 6 | EPSS 0.00402
Exploits: 0 | References: 4