Lucene search
+L

7 matches found

osv
osv
added 2026/07/01 9:17 p.m.3 views

UBUNTU-CVE-2026-55153

mchange-commons-java is a Java library of shared utility classes used by mchange projects like the c3p0 connection pool. Prior to version 0.6.0, its JNDI ObjectFactory implementation com.mchange.v2.naming.JavaBeanObjectFactory will construct objects of arbitrary classes and initialize...

7.1CVSS5.9AI score0.00327EPSS
Exploits0References3
veracode
veracode
added 2022/09/30 3:42 a.m.50 views

Remote Code Execution (RCE)

redshift-jdbc42 is vulnerable to remote code execution. The vulnerability exists because the verifyPeerName function of MakeSSL.java does not properly check the class type when instantiating an object from a class name, allowing an attacker to inject and execute malicious code through the object...

8.1CVSS8.3AI score0.01479EPSS
Exploits1References4Affected Software1
prion
prion
added 2022/09/29 9:15 p.m.21 views

Design/Logic Flaw

In Amazon AWS Redshift JDBC Driver aka amazon-redshift-jdbc-driver or redshift-jdbc42 before 2.1.0.8, the Object Factory does not check the class type when instantiating an object from a class name...

5.1CVSS8AI score0.01479EPSS
Exploits1References2Affected Software1
cnnvd
cnnvd
added 2022/09/29 12:0 a.m.6 views

Amazon AWS Redshift JDBC Driver 代码问题漏洞

Amazon AWS is a cloud computing platform from the U.S.-based Amazon.com that provides a range of services including information technology infrastructure and applications such as storage, databases, computing, machine learning, and more to individuals, businesses, and governments. A security...

8.8CVSS7.7AI score0.01479EPSS
Exploits1References4
vulnrichment
vulnrichment
added 2022/09/29 12:0 a.m.10 views

CVE-2022-41828

In Amazon AWS Redshift JDBC Driver aka amazon-redshift-jdbc-driver or redshift-jdbc42 before 2.1.0.8, the Object Factory does not check the class type when instantiating an object from a class name...

8.1AI score0.01479EPSS
Exploits1References2
cvelist
cvelist
added 2022/09/29 12:0 a.m.39 views

CVE-2022-41828

In Amazon AWS Redshift JDBC Driver aka amazon-redshift-jdbc-driver or redshift-jdbc42 before 2.1.0.8, the Object Factory does not check the class type when instantiating an object from a class name...

8.3AI score0.01479EPSS
Exploits1References2
gitee
gitee
added 2021/10/17 12:0 a.m.2 views

SpringBootVulExploit

This repository is an offensive tool for Spring Boot exploitation, specifically targeting various vulnerabilities in Spring Boot applications. The primary vulnerability being targeted is a deserialization vulnerability in the Spring Boot framework, which can lead to remote code execution RCE. The...

8.5AI score
Exploits0
Rows per page
Query Builder