52 matches found
EUVD-2015-6400
Malware in sbrugna...
EUVD-2018-2687
Malware in sbrugna...
EUVD-2018-2683
Malware in sbrugna...
EUVD-2018-2685
Malware in sbrugna...
GE MDS PulseNET XML External Entity Expansion (CVE-2018-10613)
An XML external entity expansion vulnerability exists in GE MDS PulseNET. Successful exploitation of this vulnerability could result in the disclosure of file contents from the target system...
GE MDS PulseNET Insecure Deserialization (CVE-2018-10611)
An insecure deserialization vulnerability has been reported in GE MDS PulseNET and PulseNET Enterprise. The vulnerability is due to deserialization of untrusted data on a JBoss Remoting port. Successful exploitation can result in arbitrary code execution in the context of the user running PulseNE...
GE MDS PulseNET IntegrationXMLProcessorServlet UpdateProblemTickets XML External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of GE MDS PulseNET. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of the UpdateProblemTickets method of the...
GE MDS PulseNET Pooled Invoker Deserialization Of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of GE MDS PulseNET. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of data from a Java RMI Pooled Invoker port. The issue results from the...
GE MDS PulseNET and MDS PulseNET Enterprise Remote Code Execution Vulnerability
GE MDS PulseNET and MDS PulseNET Enterprise are both products of General Electric GE, U.S.A. GE MDS PulseNET is a suite of network management software designed for radio communication systems. An authorization issue vulnerability exists in the Java Remote Method Invocation RMI input port in GE MD...
GE MDS PulseNET ToolingService Deserialization Of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of GE MDS PulseNET. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of the ToolingService web service. The issue results from the lack of...
GE MDS PulseNET FileServlet Directory Traversal Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of GE MDS PulseNET. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the FileServlet...
GE MDS PulseNET XmlAdapterServlet XML External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of GE MDS PulseNET. Authentication is not required to exploit this vulnerability. The specific flaw exists within the XmlAdapterServlet servlet. Due to the improper restriction of XML External...
GE MDS PulseNET HealthCheck Deserialization Of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of GE MDS PulseNET. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of the HealthCheck web service. The issue results from the lack of prop...
GE MDS PulseNET IntegrationXMLProcessorServlet Write XML External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of GE MDS PulseNET. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of the Write method of the IntegrationXMLProcessorServlet...
GE MDS PulseNET IntegrationXMLProcessorServlet AlarmActions XML External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of GE MDS PulseNET. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of the AlarmActions method of the IntegrationXMLProcessorServle...
GE MDS PulseNET and MDS PulseNET Enterprise Information Disclosure Vulnerability
GE MDS PulseNET and MDS PulseNET Enterprise are both products of General Electric GE.GE MDS PulseNET is a suite of network management software designed specifically for radio communication systems.MDS PulseNET Enterprise is its enterprise version. A security vulnerability exists in GE MDS PulseNE...
GE MDS PulseNET CommandLineService Deserialization Of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of GE MDS PulseNET. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of the CommandLineService web service. The issue results from the lack ...
GE MDS PulseNET Account Java RMI Incorrect Privilege Assignment Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of GE MDS PulseNET. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the configuration of the...
GE MDS PulseNET FglAMServlet XML External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of GE MDS PulseNET. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FglAMServlet servlet. Due to the improper restriction of XML External Enti...
GE MDS PulseNET and MDS PulseNET Enterprise Directory Traversal Vulnerability
GE MDS PulseNET and MDS PulseNET Enterprise are both products of General Electric GE.GE MDS PulseNET is a suite of network management software designed specifically for radio communication systems.MDS PulseNET Enterprise is its enterprise version. A directory traversal vulnerability exists in GE...