Lucene search
K

14 matches found

OSV
OSV
added 2025/07/22 4:29 p.m.5 views

MAL-2025-6100 Malicious code in jcl-over-slf4j (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6765b8e788daac3b9fcad973360085b07eb23632ecc6e6a30030682e006ff607 Any computer that has this package installed or running should be considered...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/07/22 4:29 p.m.5 views

Malicious code in jcl-over-slf4j (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6765b8e788daac3b9fcad973360085b07eb23632ecc6e6a30030682e006ff607 Any computer that has this package installed or running should be considered...

6.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/04/03 5:36 a.m.4 views

Malicious code in jcl-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e5db8fba1d3af4871fe70fb88d7eef37a6740477ddfe683e8258afa4345d7055 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
OSV
OSV
added 2025/04/03 5:36 a.m.2 views

MAL-2025-3105 Malicious code in jcl-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e5db8fba1d3af4871fe70fb88d7eef37a6740477ddfe683e8258afa4345d7055 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References3
OSV
OSV
added 2024/06/15 12:0 a.m.14 views

OPENSUSE-SU-2024:11386-1 jcl-over-slf4j-1.7.30-2.5 on GA media

These are all security issues fixed in the jcl-over-slf4j-1.7.30-2.5 package on the GA media of openSUSE Tumbleweed...

9.8CVSS9.7AI score0.15087EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/02/01 12:0 a.m.36 views

openSUSE: Security Advisory for log4j (openSUSE-SU-2021:4094-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

10CVSS10AI score0.99999EPSS
Exploits351References4
IBM Security Bulletins
IBM Security Bulletins
added 2018/08/03 4:23 a.m.10 views

Service Bulletin 130: Updated File Naming Conventions for FTP

Abstract Direct this service bulletin to the persons at customer locations who are responsible for opening Problem Management Reports PMRs for the TPF products. This bulletin expands on information distributed in Service Bulletin 84: File Naming Conventions for FTP and Service Bulletin 112: New F...

6.6AI score
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2018/03/27 12:0 a.m.38 views

Oracle Linux 7 : slf4j (ELSA-2018-0592)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-0592 advisory. 0:1.7.4-4 - Disallow EventData deserialization by default CVE-2018-8088 Tenable has extracted the preceding description block directly from the Oracle Linux...

9.8CVSS7.3AI score0.15087EPSS
Exploits0References2
Metasploit
Metasploit
added 2017/09/29 9:52 p.m.47 views

Z/OS (MVS) Command Shell, Bind TCP

Provide JCL which creates a bind shell This implementation does not include ebcdic character translation, so a client with translation capabilities is required. MSF handles this automatically. This module requires Metasploit: https://metasploit.com/download Current source:...

7.3AI score
Exploits0
Metasploit
Metasploit
added 2017/04/11 8:4 p.m.60 views

JCL to Escalate Privileges

Elevate privileges for user. Adds SYSTEM SPECIAL and BPX.SUPERUSER to user profile. Does this by using an unsecured/updateable APF authorized library APFLIB and updating the user's ACEE using this program/library. Note: This privesc only works with z/OS systems using RACF, no other ESM is...

7.3AI score
Exploits0
Packet Storm
Packet Storm
added 2016/05/13 12:0 a.m.23 views

FTP JCL Execution

require 'msf/core' require 'msf/core/exploit/tcp' class MetasploitModule 'FTP JCL Execution', 'Description' = %qSubmit JCL to z/OS via FTP and SITE FILE=JES. This exploit requires valid credentials on the target system, 'Author' = 'Bigendian Smalls', 'mainframed a.k.a. soldier of fortran',...

7.4AI score
Exploits0
Metasploit
Metasploit
added 2016/05/12 7:46 p.m.10 views

FTP JCL Execution

Submit JCL to z/OS via FTP and SITE FILE=JES. This exploit requires valid credentials on the target system This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FTP JCL Execution', 'Description' =...

0.5AI score
Exploits0
Metasploit
Metasploit
added 2016/04/01 1:42 a.m.62 views

Z/OS (MVS) Command Shell, Reverse TCP

Provide JCL which creates a reverse shell This implementation does not include ebcdic character translation, so a client with translation capabilities is required. MSF handles this automatically. This module requires Metasploit: https://metasploit.com/download Current source:...

7AI score
Exploits0
Metasploit
Metasploit
added 2016/03/29 2:1 a.m.44 views

Generic JCL Test for Mainframe Exploits

Provide JCL which can be used to submit a job to JES2 on z/OS which will exit and return 0. This can be used as a template for other JCL based payloads This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework This is a prototy...

7AI score
Exploits0
Rows per page
Query Builder