27 matches found
JDWPEx
JDWP Remote Code Execution Exploit A Python 3 implement...
EUVD-2016-4903
Malware in sbrugna...
EUVD-2018-17255
Malware in sbrugna...
EUVD-2021-7495
Malicious code in bioql PyPI...
Java Debug Wire Protocol (JDWP) Service Public WAN (Internet) / Public LAN Accessible
The script checks if the target host is running a Java Debug Wire Protocol JDWP service accessible from a public WAN Internet / public LAN. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...
CVE-2023-49693 NETGEAR ProSAFE Network Management System RCE via Unprotected Access to Java Debug Wire Protocol
NETGEAR ProSAFE Network Management System has Java Debug Wire Protocol JDWP listening on port 11611 and it is remotely accessible by unauthenticated users, allowing attackers to execute arbitrary code...
Remote code execution
SonicWall Analytics 2.5 On-Prem is vulnerable to Java Debug Wire Protocol JDWP interface security misconfiguration vulnerability which potentially leads to Remote Code Execution. This vulnerability impacts Analytics On-Prem 2.5.2518 and earlier...
SonicWall Analytics Remote Command Execution via Java Debug Wire Protocol
SonicWall Analytics 2.5 On-Prem is vulnerable to Java Debug Wire Protocol JDWP interface security misconfiguration vulnerability which potentially leads to Remote Code Execution. This vulnerability impacts Analytics On-Prem 2.5.2518 and earlier. CVE: CVE-2021-20032 Last updated: Aug. 10, 2021, 2:...
Java Debug Wire Protocol (JDWP) Service Detection (TCP)
TCP based detection of services supporting the Java Debug Wire Protocol JDWP. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Code injection
NetApp OnCommand Unified Manager for Linux versions 7.2 though 7.3 ship with the Java Debug Wire Protocol JDWP enabled which allows unauthorized local attackers to execute arbitrary code...
OpenJDK: insufficient checks of JDWP packets (Hotspot, 8159519)
It was discovered that the Hotspot component of OpenJDK did not properly check received Java Debug Wire Protocol JDWP packets. An attacker could possibly use this flaw to send debugging commands to a Java program running with debugging enabled if they could make victim's browser send HTTP request...
Ubuntu: Security Advisory (USN-3121-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux AMI : java-1.8.0-openjdk (ALAS-2016-759)
It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine's memory and completely bypass Java sandbox restrictions. CVE-2016-558...
CVE-2016-3890
The Java Debug Wire Protocol JDWP implementation in adb/sockets.cpp in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 mishandles socket close operations, which allows attackers to gain privileges via a crafted application, aka internal bug 28347842...
CVE-2016-3890
The Java Debug Wire Protocol JDWP implementation in adb/sockets.cpp in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 mishandles socket close operations, which allows attackers to gain privileges via a crafted application, aka internal bug 28347842...
Design/Logic Flaw
The Java Debug Wire Protocol JDWP implementation in adb/sockets.cpp in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 mishandles socket close operations, which allows attackers to gain privileges via a crafted application, aka internal bug 28347842...
CVE-2016-3890
The Java Debug Wire Protocol JDWP implementation in adb/sockets.cpp in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 mishandles socket close operations, which allows attackers to gain privileges via a crafted application, aka internal bug 28347842...
CVE-2016-3890
The Java Debug Wire Protocol JDWP implementation in adb/sockets.cpp in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 mishandles socket close operations, which allows attackers to gain privileges via a crafted application, aka internal bug 28347842...
CVE-2016-3890
The Java Debug Wire Protocol JDWP implementation in adb/sockets.cpp in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 mishandles socket close operations, which allows attackers to gain privileges via a crafted application, aka internal bug 28347842...
ESA-2015-102: EMC Unisphere for VMAX Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-102: EMC Unisphere for VMAX Remote Code Execution Vulnerability EMC Identifier: ESA-2015-102 CVE Identifier: CVE-2015-0545 Severity Rating: CVSS v2 Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C Affected products: • EMC Unisphere for VMAX 8.0.0 ...