6 matches found
EUVD-2023-56362
Malicious code in bioql PyPI...
PT-2024-14225 · Hertzbeat · Hertzbeat
Name of the Vulnerable Software and Affected Versions: Hertzbeat versions prior to 1.4.1 Description: Hertzbeat is a real-time monitoring system. In the implementation of JmxCollectImpl.java, JMXConnectorFactory.connect is vulnerable to JNDI injection. The corresponding interface is...
Security Bulletin: WebSphere Application Server Community Edition 3.0.0.3 RMI classloader exposure
Abstract A problem in the RMI classloader may enable an attacker to send a serializated object via JMX that could compromise the system. Content Vulnerability Details A specially crafted serialized object sent via the JMX connector could compromise the system due to a misconfigured RMI classloade...
JMX Rebind Flaw
camel is vulnerable to JMX rebind. The vulnerability exists due to a lack of security on JMX connector configuration...
CVE-2019-7727
In NICE Engage through 6.5, the default configuration binds an unauthenticated JMX/RMI interface to all network interfaces, without restricting registration of MBeans, which allows remote attackers to execute arbitrary code via the RMI protocol by using the JMX connector. The observed affected TC...
SUSE-SU-2016:0959-1 Security update for java-1_7_0-openjdk
The OpenJDK Java java-170-openjdk was updated to 2.6.5 to fix the following issues: Update to 2.6.5 - OpenJDK 7u99 bsc972468 Security fixes - S8152335, CVE-2016-0636: Improve MethodHandle consistency Import of OpenJDK 7 u99 build 0 - S6425769, PR2858: Allow specifying an address to bind JMX remot...