Lucene search
K

69 matches found

Snyk
Snyk
added 2026/06/22 9:10 p.m.3 views

Deserialization of Untrusted Data

Overview Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the JMX RMI connector. An attacker can execute arbitrary code on the server by sending specially crafted serialized Java objects prior to authentication. Note: This is only exploitable if the JMX...

9.8CVSS6.2AI score
Exploits0References2
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.7 views

Qlik Talend JobServer和Qlik Talend Runtime 安全漏洞

Qlik Talend JobServer and Qlik Talend Runtime are both products of Qlik, a US-based company. Qlik Talend JobServer is a data integration task execution and scheduling service component. Qlik Talend Runtime is a data integration and application runtime environment platform. Both Qlik Talend...

9.8CVSS6.3AI score0.00739EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/26 5:22 p.m.4 views

Deserialization of Untrusted Data

Overview Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the RMI integration. An attacker can execute arbitrary code with the privileges of the user running the instrumented JVM by sending specially crafted serialized data to a network-exposed JMX or RMI...

9.8CVSS6.2AI score0.00933EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-17256

Malware in sbrugna...

9.8CVSS9.5AI score0.02895EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-16372

Malware in sbrugna...

5.3CVSS5.5AI score0.01695EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-17257

Malware in sbrugna...

9.8CVSS9.5AI score0.0397EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-29422

Malware in sbrugna...

7.8CVSS7.6AI score0.00447EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-18852

Malware in sbrugna...

9.8CVSS8.4AI score0.02526EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.14 views

EUVD-2021-28391

Malicious code in bioql PyPI...

6.7CVSS5.5AI score0.00425EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/06 12:0 a.m.3 views

Intune Management Extension(IME) Installed (Windows)

Binary data microsoftimeinstalled.nbin...

7.3AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/06 12:0 a.m.3 views

Microsoft Intune Management Extension < 1.41.203.0 (CVE-2021-31980)

Remote code execution vulnerability in the Microsoft Intune Management Extension 1.41.203.0. The vulnerability allows an unauthenticated attacker to execute arbitrary code on a target machine over the network. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid243954;...

9.8CVSS9AI score0.02526EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/06 12:0 a.m.3 views

Microsoft Intune Management Extension < 1.45.204.0 (CVE-2021-41363)

Security feature bypass vulnerability in the Microsoft Intune Management Extension 1.45.204.0. This vulnerability could allow an attacker to bypass security features in the Intune Management Extension. Exploiting this vulnerability requires the attacker to have local user privileges. %NASLMINLEVE...

6.7CVSS6.5AI score0.00425EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 5:23 p.m.6 views

CVE-2020-11998

A regression has been introduced in the commit preventing JMX re-bind. By passing an empty environment map to RMIConnectorServer, instead of the map that contains the authentication credentials, it leaves ActiveMQ open to the following attack:...

9.8CVSS9.5AI score0.51225EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:51 p.m.10 views

CVE-2020-8574

Active IQ Unified Manager for Linux versions prior to 9.6 ship with the Java Management Extension Remote Method Invocation JMX RMI service enabled allowing unauthorized code execution to local users...

7.8CVSS7.4AI score0.00447EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/09/10 12:0 a.m.7 views

PT-2024-12602 · Loftware · Loftware Spectrum

Name of the Vulnerable Software and Affected Versions: Loftware Spectrum versions through 4.6 Description: The issue concerns an unprotected JMX Registry in Loftware Spectrum. Recommendations: For versions through 4.6, consider restricting access to the JMX Registry as a temporary mitigation...

9.8CVSS7.2AI score0.00399EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/03/07 12:0 a.m.3 views

PT-2024-22337 · Ngrinder · Ngrinder

Name of the Vulnerable Software and Affected Versions: nGrinder versions prior to 3.5.9 Description: The issue allows a connection to a malicious JMX/RMI server by default, potentially leading to the execution of arbitrary code via the RMI registry by a remote attacker. Recommendations: For...

9.8CVSS8AI score0.00796EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/02/13 12:0 a.m.5 views

PT-2024-20529 · Typo3 Cms +1 · Typo3/Cms +1

Name of the Vulnerable Software and Affected Versions: sf event mgt versions prior to 7.4.0 Description: The existing access control check for events in the backend module of sf event mgt, an event management and registration extension for the TYPO3 CMS, got broken during the update to TYPO3 12.4...

8.8CVSS5AI score0.00485EPSS
Exploits0References8
VulnCheck KEV
VulnCheck KEV
added 2023/05/12 12:0 a.m.5 views

VulnCheck KEV: CVE-2016-8735

Apache Tomcat contains an unspecified vulnerability that allows for remote code execution if JmxRemoteLifecycleListener is used and an attacker can reach Java Management Extension JMX ports. This CVE exists because this listener wasn't updated for consistency with the Oracle patched issues...

9.8CVSS7.7AI score0.90338EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2023/02/15 5:44 a.m.5 views

SUSE CVE-2012-5071

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity, related to JMX...

6.4CVSS6.5AI score0.03388EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2023/02/15 5:38 a.m.5 views

SUSE CVE-2013-2457

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via vectors related to JMX. NOTE: the previous information is from...

5CVSS8.6AI score0.04507EPSS
Exploits0References16
Rows per page
Query Builder