45 matches found
Design/Logic Flaw
Keystone 5 is an open source CMS platform to build Node.js applications. This security advisory relates to a newly discovered capability in our query infrastructure to directly or indirectly expose the values of private fields, bypassing the configured access control. This is an access control...
Play Framework Security Vulnerability
Lightbend Play Framework is a web application framework written in the Scala language from Lightbend, Inc. A security vulnerability exists in Play Framework versions 2.8.0 through 2.8.4, which stems from a carefully crafted JSON payload sent as a form field that causes data amplification. This...
Information Disclosure
play-java is vulnerable to information disclosure. The vulnerability exists when performing JSON serialization of classes with protected or private fields through the Java API...
OpenJDK: beans insufficient permission checks, Java 7 0day (beans, 7162473)
Multiple vulnerabilities in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by 1 using com.sun.beans.finder.ClassFinder.findClass and leveraging an...
CVE-2012-4681
Multiple vulnerabilities in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by 1 using com.sun.beans.finder.ClassFinder.findClass and leveraging an...