665 matches found
HtmlUnit Code Execution Vulnerability
HtmlUnit is a Java-based library . A code execution vulnerability exists in HtmlUnit that can be exploited by an attacker to execute arbitrary Java code...
IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.10 Remote Code Execution (CVE-2018-1567)
The IBM WebSphere Application Server running on the remote host is version 7.0.0.0 through 7.0.0.45, 8.0.0.0 through 8.0.0.15, 8.5.x prior to 8.5.5.15, or 9.0.0.x prior to 9.0.0.10. It is, therefore, affected by a remote code execution vulnerability. IBM WebSphere Application Server could allow...
CVE-2014-2271
cn.wps.moffice.common.beans.print.CloudPrintWebView in Kingsoft Office 5.3.1, as used in Huawei P2 devices before V100R001C00B043, falls back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and execute arbitrary Java...
Code injection
cn.wps.moffice.common.beans.print.CloudPrintWebView in Kingsoft Office 5.3.1, as used in Huawei P2 devices before V100R001C00B043, falls back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and execute arbitrary Java...
MTN Group: Java Debug Console Provides Command Injection Without Privellage Esclation
Summary: I intially found the debug console as a tool to insert arbitrary html/xss bugs, however after further probing the debug console it has some serious security flaws to allow arbitrary java code to be executed. My intial report of a seperate bug using this console,...
Security Bulletin: Multiple security vulnerabilities have been addressed in IBM Security Privileged Identity Manager
Summary IBM Security Privileged Identity Manager has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2018-1719 DESCRIPTION: IBM WebSphere Application Server could provide weaker than expected security under certain conditions. This could result in a downgrade of TLS...
CVE-2019-0195
Manipulating classpath asset file URLs, an attacker could guess the path to a known file in the classpath and have it downloaded. If the attacker found the file with the value of the tapestry.hmac-passphrase configuration symbol, most probably the webapp's AppModule class, the value of this symbo...
Deserialization of untrusted data
Manipulating classpath asset file URLs, an attacker could guess the path to a known file in the classpath and have it downloaded. If the attacker found the file with the value of the tapestry.hmac-passphrase configuration symbol, most probably the webapp's AppModule class, the value of this symbo...
Canon PRINT 2.5.5 - Information Disclosure
Exploit Title: Content Provider URI Injection on Canon PRINT 2.5.5 CVE-2019-14339 Date: 24th July, 2019 Exploit Author: 0x48piraj Vendor Homepage: https://www.usa.canon.com/internet/portal/us/home/explore/printing-innovations/mobile-printing/canon-print-app Software Link:...
Apache Struts ClassLoader Manipulation Vulnerabilities (S2-021) - Linux
ClassLoader Manipulation in Apache Struts allows remote attackers to execute arbitrary Java code. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...
Apache Struts 2.x < 2.3.16.1 Multiple Vulnerabilities (S2-020) - Linux
Apache Struts is prone to multiple vulnerabilities. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Important: Red Hat Security Advisory: kernel-alt security and bug fix update
An update for kernel-alt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...
Out-of-bounds
In Eclipse OpenJ9 prior to 0.15, the String.getBytesint, int, byte, int method does not verify that the provided byte array is non-null nor that the provided index is in bounds when compiled by the JIT. This allows arbitrary writes to any 32-bit address or beyond the end of a byte array within Ja...
IBM WebSphere Application Server Remote Code Execution Vulnerability (CVE-2018-1904)
The IBM WebSphere Application Server running on the remote host is version 7.0.0.0 through 7.0.0.45, 8.0.0.0 through 8.0.0.15, 8.5.x prior to 8.5.5.15, or 9.0.0.x prior to 9.0.0.10. It is, therefore, affected by a remote code execution vulnerability that allows remote attackers to execute arbitra...
U.S. Dept Of Defense: RCE on █████ via CVE-2017-10271
Summary: Happy Friday! The server at ██████ is vulnerable to CVE-2017-10271 "Oracle WebLogic Server Remote Command Execution". Description: The following request takes 12 seconds 12000 milliseconds to complete: POST /wls-wsat/RegistrationPortTypeRPC HTTP/1.1 Host: ██████████ Content-Length: 423...
CVE-2018-20580
The WSDL import functionality in SmartBear ReadyAPI 2.5.0 and 2.6.0 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL file...
CVE-2018-20580
The WSDL import functionality in SmartBear ReadyAPI 2.5.0 and 2.6.0 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL file...
Atlassian Confluence Widget Connector Macro Velocity Template Injection Exploit
Widget Connector Macro is part of Atlassian Confluence Server and Data Center that allows embed online videos, slideshows, photostreams and more directly into page. A template parameter can be used to inject remote Java code into a Velocity template, and gain code execution. Authentication is not...
LogicalDOC 8.2 Path Traversal Vulnerability
Impact In order to exploit this vulnerability an attacker needs to be an authenticated read-only user of the role guest. The attacker can read arbitrary files and create arbitrary directories on the server with the permissions of the user running the web server. It is recommended to update...
Security Bulletin: Potential Remote code execution vulnerability in WebSphere Application Server (CVE-2018-1904)
Summary There is a potential remote code execution vulnerability in WebSphere Application Server CVE-2018-1904 Vulnerability Details CVEID: CVE-2018-1904 DESCRIPTION: IBM WebSphere Application Server could allow remote attackers to execute arbitrary Java code through an administrative client clas...