
17 matches found

Gitee
added 2025/09/14 6:5 p.m. · 95 views

Exploit for Generation of Error Message Containing Sensitive Information in Postgresql

This is a PoC exploit for CVE-2021-3393, a Java source code static code analysis and danger function identifier program. The tool, named JavaID, identifies dangerous functions in Java source code by way of regular matching. It targets Java vulnerabilities such as XXE, Java Object Deserialization,...

CVSS 4.3 · AI score 7.5 · EPSS 0.00109
Exploits 2
Positive Technologies
added 2025/06/16 12:0 a.m. · 1 view

PT-2025-28135 · Git +1 · Maven-Model

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified Description: The software experiences a security exception during operation. The crash state involves the java.base/java.lang.StringUTF16.newBytesFor function,...

AI score 7
Exploits 0 · References 2
RedhatCVE
added 2025/05/22 5:52 p.m. · 9 views

CVE-2020-7931

In JFrog Artifactory 5.x and 6.x, insecure FreeMarker template processing leads to remote code execution, e.g., by modifying a .ssh/authorized_keys file. Patches are available for various versions between 5.11.8 and 6.16.0. The issue exists because use of the DefaultObjectWrapper class makes certa...

CVSS 8.8 · AI score 7.5 · EPSS 0.32434
Exploits 2 · References 1
OSV
added 2024/03/06 10:52 a.m. · 19 views

BIT-ARTIFACTORY-2020-7931

In JFrog Artifactory 5.x and 6.x, insecure FreeMarker template processing leads to remote code execution, e.g., by modifying a .ssh/authorized_keys file. Patches are available for various versions between 5.11.8 and 6.16.0. The issue exists because use of the DefaultObjectWrapper class makes certa...

CVSS 8.8 · AI score 8.9 · EPSS 0.32434
Exploits 2 · References 3
Positive Technologies
added 2023/11/13 12:0 a.m. · 1 view

PT-2023-35580 · Unknown +1 · Com.Puppycrawl.Tools.Checkstyle +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A security exception crash has been reported, involving the com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr and...

AI score 7.1
Exploits 0 · References 2
Positive Technologies
added 2023/05/14 12:0 a.m. · 1 view

PT-2023-35827 · Spring +1 · Org.Springframework.Expression +1

Name of the Vulnerable Software and Affected Versions: No specific software or version information is provided in the input descriptions. Description: The issue is related to a security exception, with details provided in an OSS-Fuzz report. The crash state involves several Java functions,...

AI score 7
Exploits 0 · References 2
Spring Engineering
added 2023/03/02 12:0 a.m. · 183 views

Spring Cloud Function for Azure Function

What is the Spring Cloud Function? Spring Cloud Function is a SpringBoot-based framework allowing users to concentrate on their business logic by implementing them as Java Functions i.e., Supplier, Function, Consumer. In turn the framework provides necessary abstraction to enable execution of the...

AI score 0.1
Exploits 0
Spring Engineering
added 2023/02/24 12:0 a.m. · 15 views

Spring Cloud Function for Azure Function

What is the Spring Cloud Function? Spring Cloud Function is a SpringBoot-based framework allowing users to concentrate on their business logic by implementing them as Java Functions i.e., Supplier, Function, Consumer. In turn the framework provides necessary abstraction to enable execution of the...

AI score 0.1
Exploits 0
Positive Technologies
added 2022/09/09 12:0 a.m. · 1 view

PT-2022-37261 · Git +1 · Xstream

Name of the Vulnerable Software and Affected Versions: No specific software or version information is provided in the input description. Description: A security exception crash has been reported, involving the com.ctc.wstx.dtd.FullDTDReader.readContentSpec function, which interacts with...

AI score 7.1
Exploits 0 · References 2
NVD
added 2020/01/23 3:15 p.m. · 11 views

CVE-2020-7931

In JFrog Artifactory 5.x and 6.x, insecure FreeMarker template processing leads to remote code execution, e.g., by modifying a .ssh/authorized_keys file. Patches are available for various versions between 5.11.8 and 6.16.0. The issue exists because use of the DefaultObjectWrapper class makes certa...

CVSS 8.8 · AI score 8.8 · EPSS 0.32434
Exploits 2 · References 2
Cvelist
added 2020/01/23 2:27 p.m. · 15 views

CVE-2020-7931

In JFrog Artifactory 5.x and 6.x, insecure FreeMarker template processing leads to remote code execution, e.g., by modifying a .ssh/authorized_keys file. Patches are available for various versions between 5.11.8 and 6.16.0. The issue exists because use of the DefaultObjectWrapper class makes certa...

AI score 8.9 · EPSS 0.32434
Exploits 2 · References 2
NVD
added 2018/09/28 5:29 p.m. · 16 views

CVE-2018-5393

The TP-LINK EAP Controller is TP-LINK's software for remotely controlling wireless access point devices. It utilizes a Java remote method invocation RMI service for remote control. The RMI interface does not require any authentication before use, so it lacks user authentication for RMI service...

CVSS 10 · AI score 9.8 · EPSS 0.15085
Exploits 0 · References 2
Prion
added 2018/09/28 5:29 p.m. · 25 views

Deserialization of untrusted data

The TP-LINK EAP Controller is TP-LINK's software for remotely controlling wireless access point devices. It utilizes a Java remote method invocation RMI service for remote control. The RMI interface does not require any authentication before use, so it lacks user authentication for RMI service...

CVSS 10 · AI score 9.7 · EPSS 0.15085
Exploits 0 · References 2 · Affected Software 1
OSV
added 2015/11/26 12:0 a.m. · 10 views

DLA-352-1 libcommons-collections3-java - security update

Bulletin has no description...

AI score 7.2
Exploits 0
Tenable Nessus
added 2010/07/07 12:0 a.m. · 57 views

SuSE9 Security Update : IBM Java 1.5.0 (YOU Patch Number 12623)

This update of IBM Java 1.5.0 to SR11 FP2 fixes the following security issues: - Various unspecified and undocumented vulnerabilities that allow remote attackers to affect confidentiality, integrity and availability via various unknown vectors. CVE-2010-0084, CVE-2010-0085, CVE-2010-0087,...

CVSS 9.8 · AI score 9.6 · EPSS 0.92077
Exploits 46 · References 44
Prion
added 2010/04/01 4:30 p.m. · 24 views

Deserialization of untrusted data

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18 and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March...

CVSS 7.5 · AI score 6.3 · EPSS 0.86987
Exploits 5 · References 35 · Affected Software 2
UbuntuCve
added 2010/04/01 12:0 a.m. · 29 views

CVE-2010-0094

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18 and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March...

CVSS 7.5 · AI score 5.9 · EPSS 0.86987
Exploits 5 · References 3