PT-2020-12962 · Apache · Apache Unomi
Name of the Vulnerable Software and Affected Versions: Apache Unomi (affected versions not specified). Description: The issue allows conditions to use OGNL scripting, which can call static Java classes from the JDK. This could potentially execute code with the permission level of the running Java...
Arbitrary Code Execution
Java is vulnerable to arbitrary code execution. A buffer overflow flaw was found in the splash screen processing. A remote attacker could extend privileges to read and write local files, as well as to execute local applications with the privileges of the user running the Java process...
CVE-2019-17664
NSA Ghidra through 9.0.4 uses a potentially untrusted search path. When executing Ghidra from a given path, the Java process working directory is set to this path. Then, when launching the Python interpreter via the "Ghidra Codebrowser Window Python" option, Ghidra will try to execute the cmd.exe...
Design/Logic Flaw
NSA Ghidra through 9.0.4 uses a potentially untrusted search path. When executing Ghidra from a given path, the Java process working directory is set to this path. Then, when launching the Python interpreter via the "Ghidra Codebrowser Window Python" option, Ghidra will try to execute the cmd.exe...
Security Bulletin: TM1 Java Untrusted data (XML) Vulnerability (CVE-2013-2461)
Summary: An unspecified vulnerability in Java related to the Java Runtime Environment Libraries component. Vulnerability Details: CVEID: CVE-2013-2461. DESCRIPTION: An unspecified vulnerability in Java related to the Java Runtime Environment Libraries component. The products listed below have...
Jenkins Multiple Vulnerabilities (Apr 2017) - Linux
Multiple cross-site request forgery (CSRF) vulnerabilities in Jenkins allow malicious users to perform several administrative actions by tricking a victim into opening a web page. SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are...
Jenkins Multiple Vulnerabilities (Apr 2017) - Windows
Multiple cross-site request forgery (CSRF) vulnerabilities in Jenkins allow malicious users to perform several administrative actions by tricking a victim into opening a web page. SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are...
Google Android - 'gpsOneXtra' Data Files Denial of Service
Original at: https://wwws.nightwatchcybersecurity.com/2016/10/04/advisory-cve-2016-5348-2/ Summary: Android devices can be crashed remotely, forcing a halt and then a soft reboot, by a MITM attacker manipulating assisted GPS/GNSS data provided by Qualcomm. This issue affects the open source code in...
Design/Logic Flaw
Nexus Data Broker (NDB) on Cisco Nexus 3000 devices with software 6.02A61 allows remote attackers to cause a denial of service (Java process restart) via crafted connections to the Java application, aka Bug ID CSCut87006...
CVE-2015-4296
Cisco Nexus 3000 Series switches are affected by CVE-2015-4296 via the Nexus Data Broker (NDB). The issue arises in the Java application handling incoming connections, where crafted connections can cause the Java process to restart, yielding a partial Denial of Service. Affected software is Nexus...
Cisco Nexus 3000 Series NX-OS Java Link Target Service Restart Vulnerability
Cisco Nexus 3000 Series is a switch product developed by Cisco. A security vulnerability in the NX-OS used by the Cisco Nexus 3000 Series allows a remote attacker to exploit the vulnerability by sending a special Java link to the target NDB service, which can cause the target Java process to...
Cisco Prime Central for Hosted Collaboration Solution Denial of Service Vulnerability
A vulnerability in the Impact server Java process of Cisco Prime Central for Hosted Collaboration Solution (HCS) could allow an unauthenticated, remote attacker to crash the Impact server Java process. The vulnerability is due to the Impact server Java process consuming available resources. An...
CVE-2013-5564
The Java process in the Impact server in Cisco Prime Central for Hosted Collaboration Solution (HCS) allows remote attackers to cause a denial of service (process crash) via a flood of TCP packets, aka Bug ID CSCug57345...
CVE-2013-5564
CVE-2013-5564 concerns the Java process in the Impact server of Cisco Prime Central for Hosted Collaboration Solution (HCS). The affected component is the Java process; the vulnerability allows an unauthenticated, remote attacker to cause a denial of service by sending a flood of TCP packets, leadin...
Oracle 9i Application Server Java Process Manager Accessible - Active Check
The remote host is an Oracle 9i Application Server (AS). It is possible to obtain the list of Java processes running on the remote host anonymously, as well as to start and stop them. SPDX-FileCopyrightText: 2002 Matt Moore. Some text descriptions might be excerpted from (a) referenced source(s), and ar...