Lucene search
+L

5 matches found

veracode
veracode
added 2022/05/04 8:44 a.m.33 views

Remote Code Execution

com.bstek.ureport:ureport2-console is vulnerable to remote code execution. A remote attacker is able to read sensitive user files and deserialize local gadgets by connecting the system to a malicious database server...

9.8CVSS4.7AI score0.02907EPSS
Exploits1References1Affected Software1
osv
osv
added 2022/05/03 12:0 a.m.31 views

GHSA-W39X-CHVM-PJ3C Deserialization of Untrusted Data in com.bstek.ureport:ureport2-console

All versions of package com.bstek.ureport:ureport2-console are vulnerable to Remote Code Execution by connecting to a malicious database server, causing arbitrary file read and deserialization of local gadgets...

9.8CVSS6AI score0.02907EPSS
Exploits1References4
cvelist
cvelist
added 2022/05/01 3:30 p.m.34 views

CVE-2022-25767 Remote Code Execution

All versions of package com.bstek.ureport:ureport2-console are vulnerable to Remote Code Execution by connecting to a malicious database server, causing arbitrary file read and deserialization of local gadgets...

9.8CVSS9.8AI score0.02907EPSS
Exploits1References2
attackerkb
attackerkb
added 2022/05/01 3:25 p.m.2 views

CVE-2022-25767

All versions of package com.bstek.ureport:ureport2-console are vulnerable to Remote Code Execution by connecting to a malicious database server, causing arbitrary file read and deserialization of local gadgets...

9.8CVSS7.4AI score0.02907EPSS
Exploits1References3
snyk
snyk
added 2021/12/20 5:10 p.m.5 views

Remote Code Execution (RCE)

Overview com.bstek.ureport:ureport2-console is an UReport2 is a high-performance pure Java report engine based on Spring architecture, where complex Chinese-style statements and reports can be prepared by iterating over cells. Affected versions of this package are vulnerable to Remote Code...

9.8CVSS7.2AI score0.02907EPSS
Exploits1References2
Rows per page
Query Builder