54 matches found
EUVD-2018-0497
Malware in sbrugna...
EUVD-2021-1660
Malware in sbrugna...
EUVD-2009-1197
Malware in sbrugna...
EUVD-2009-4236
Malware in sbrugna...
EUVD-2009-1196
Malware in sbrugna...
EUVD-2018-0651
Malware in sbrugna...
CVE-2021-37578
Apache jUDDI uses several classes related to Java's Remote Method Invocation (RMI), which, as an extension to UDDI, provides an alternate transport for accessing UDDI services. RMI uses the default Java serialization mechanism to pass parameters in RMI invocations. A remote attacker can send a malicio...
K89010078: Apache vulnerabilities CVE-2018-1307, CVE-2018-1298, CVE-2018-1299, CVE-2018-1287, and CVE-2018-1297
Security Advisory Description: CVE-2018-1307: In Apache jUDDI 3.2 through 3.3.4, if using the WADL2Java or WSDL2Java classes, which parse a local or remote XML document and then mediate the data structures into UDDI data structures, there are few protections present against entity expansion and...
The vulnerability of the Apache jUDDI software lies in its ability to restore unreliable data from memory, allowing an attacker to execute arbitrary code.
The vulnerability of the Apache jUDDI software lies in the recovery of unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
org.apache.geronimo.plugins:uddi-war-repackage (>=3.0-beta-1 <=3.0.1), org.apache.juddi.client.plugins:juddi-ddl-generator (>=3.2.1 <=3.3.1) +13 more potentially affected by CVE-2021-37578 via org.apache.juddi:juddi-core (>=3.0.0 <=3.3.1)
org.apache.juddi:juddi-core MAVEN version =3.0.0, =3.0-beta-1, =3.2.1, =3.2.1, =3.0.0.alpha, =3.0.3, =3.0.0, =3.0.0, =3.0.0, =3.2.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.1.0 Source cves: CVE-2021-37578 Source advisory: OSV:GHSA-9HX8-2MRV-R674...
GHSA-9HX8-2MRV-R674 Deserialization of Untrusted Data in Apache jUDDI
Apache jUDDI uses several classes related to Java's Remote Method Invocation (RMI), which, as an extension to UDDI, provides an alternate transport for accessing UDDI services. RMI uses the default Java serialization mechanism to pass parameters in RMI invocations. A remote attacker can send a malicio...
Deserialization of Untrusted Data in Apache jUDDI
Apache jUDDI uses several classes related to Java's Remote Method Invocation (RMI), which, as an extension to UDDI, provides an alternate transport for accessing UDDI services. RMI uses the default Java serialization mechanism to pass parameters in RMI invocations. A remote attacker can send a malicio...
Apache jUDDI code issue vulnerability
Apache jUDDI is an open-source Java implementation of UDDI for Web Services. jUDDI versions prior to Apache jUDDI 3.3.10 have a code issue vulnerability that can be exploited by attackers to remotely run arbitrary code...
CVE-2021-37578
Apache jUDDI uses several classes related to Java's Remote Method Invocation (RMI), which, as an extension to UDDI, provides an alternate transport for accessing UDDI services. RMI uses the default Java serialization mechanism to pass parameters in RMI invocations. A remote attacker can send a malicio...
CVE-2021-37578
Apache jUDDI uses several classes related to Java's Remote Method Invocation (RMI), which, as an extension to UDDI, provides an alternate transport for accessing UDDI services. RMI uses the default Java serialization mechanism to pass parameters in RMI invocations. A remote attacker can send a malicio...
Design/Logic Flaw
Apache jUDDI uses several classes related to Java's Remote Method Invocation (RMI), which, as an extension to UDDI, provides an alternate transport for accessing UDDI services. RMI uses the default Java serialization mechanism to pass parameters in RMI invocations. A remote attacker can send a malicio...
CVE-2021-37578
Apache jUDDI prior to 3.3.10 exposed a deserialization-based remote code execution vector via RMI. The issue arises from Java serialization in RMI entries, potentially allowing remote code execution if exploited. RMI is disabled by default for jUDDI web services/clients, and starting with 3.3.10 ...
CVE-2021-37578 Remote code execution via RMI
Apache jUDDI uses several classes related to Java's Remote Method Invocation (RMI), which, as an extension to UDDI, provides an alternate transport for accessing UDDI services. RMI uses the default Java serialization mechanism to pass parameters in RMI invocations. A remote attacker can send a malicio...
Apache jUDDI code issue vulnerability
Apache jUDDI is an open-source Java implementation of UDDI for Web Services. jUDDI versions prior to Apache jUDDI 3.3.10 have a code issue vulnerability that can be exploited by attackers to remotely run arbitrary code...
Log Spoofing
Apache jUDDI is vulnerable to log spoofing. An error with the logging of keys allows an attacker to spoof entries in the log files, such as creating a false entry for a non-existent action...