Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

exploitpack
exploitpackadded 2018/03/15 12:0 a.m.49 views

Spring Data REST 2.6.9 (Ingalls SR9) 3.0.1 (Kay SR1) - PATCH Request Remote Code Execution

Spring Data REST 2.6.9 Ingalls SR9 3.0.1 Kay SR1 - PATCH Request Remote Code Execution // Exploit Title: RCE in PATCH requests in Spring Data REST // Date: 2018-03-10 // Exploit Author: Antonio Francesco Sardella // Vendor Homepage: https://pivotal.io/ // Software Link:...

7.5CVSS0.4AI score0.93978EPSS
Exploits6
Prion
Prionadded 2018/01/04 6:29 a.m.19 views

Code injection

Malicious PATCH requests submitted to servers using Spring Data REST versions prior to 2.6.9 Ingalls SR9, versions prior to 3.0.1 Kay SR1 and Spring Boot versions prior to 1.5.9, 2.0 M6 can use specially crafted JSON data to run arbitrary Java code...

7.5CVSS9.3AI score0.93978EPSS
Exploits6References4Affected Software2
CVE
CVEadded 2018/01/04 6:0 a.m.232 views

CVE-2017-8046

CVE-2017-8046 is a remote code execution vulnerability affecting Spring Data REST before versions 2.6.9 (Ingalls SR9) and 3.0.1 (Kay SR1), and Spring Boot before 1.5.9 or 2.0 M6. When processing specially crafted JSON in PATCH requests, an attacker could execute arbitrary Java code on affected se...

9.8CVSS9.2AI score0.93978EPSS
In wildExploits6References4Affected Software1
Rows per page
Query Builder