CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14 matches found

SUSE CVE•added 2023/02/15 5:4 a.m.•1 views

SUSE CVE-2016-4000

Jython before 2.7.1rc1 allows attackers to execute arbitrary code via a crafted serialized PyFunction object...

9.8CVSS9.6AI score0.12492EPSS

Exploits0References3

Github Security Blog•added 2022/05/13 1:25 a.m.•19 views

Deserialization of Untrusted Data in Jython

Jython before 2.7.1rc1 allows attackers to execute arbitrary code via a crafted serialized PyFunction object...

9.8CVSS7AI score0.12492EPSS

Exploits0References18Affected Software2

OSV•added 2022/05/13 1:25 a.m.•0 views

GHSA-6R7R-JJ8H-PQ6V Deserialization of Untrusted Data in Jython

Jython before 2.7.1rc1 allows attackers to execute arbitrary code via a crafted serialized PyFunction object...

9.8CVSS7.5AI score0.12492EPSS

Exploits0References17

CNVD•added 2017/07/07 12:0 a.m.•2 views

Jython Arbitrary Code Execution Vulnerability

Jython is an implementation of the Python programming language that runs on the Java platform. An arbitrary code execution vulnerability exists in Jython. Allows an attacker to execute arbitrary code via specially designed serialized PyFunction objects...

9.8CVSS9.6AI score0.12492EPSS

Exploits0References1

UbuntuCve•added 2017/07/06 4:29 p.m.•16 views

CVE-2016-4000

Jython before 2.7.1rc1 allows attackers to execute arbitrary code via a crafted serialized PyFunction object...

9.8CVSS7.5AI score0.12492EPSS

Exploits0References1

OSV•added 2017/07/06 4:29 p.m.•5 views

CVE-2016-4000

Jython before 2.7.1rc1 allows attackers to execute arbitrary code via a crafted serialized PyFunction object...

9.8CVSS9.6AI score0.12492EPSS

Exploits0References17

OSV•added 2017/07/06 4:29 p.m.•1 views

UBUNTU-CVE-2016-4000

Jython before 2.7.1rc1 allows attackers to execute arbitrary code via a crafted serialized PyFunction object...

9.8CVSS7.6AI score0.12492EPSS

Exploits0References2

Prion•added 2017/07/06 4:29 p.m.•14 views

Code injection

Jython before 2.7.1rc1 allows attackers to execute arbitrary code via a crafted serialized PyFunction object...

7.5CVSS7.7AI score0.12492EPSS

Exploits0References17Affected Software2

NVD•added 2017/07/06 4:29 p.m.•16 views

CVE-2016-4000

Jython before 2.7.1rc1 allows attackers to execute arbitrary code via a crafted serialized PyFunction object...

9.8CVSS9.6AI score0.12492EPSS

Exploits0References17

OSV•added 2017/07/06 4:29 p.m.•1 views

DEBIAN-CVE-2016-4000

Jython before 2.7.1rc1 allows attackers to execute arbitrary code via a crafted serialized PyFunction object...

9.8CVSS9AI score0.12492EPSS

Exploits0References1

Cvelist•added 2017/07/06 4:0 p.m.•16 views

CVE-2016-4000

Jython before 2.7.1rc1 allows attackers to execute arbitrary code via a crafted serialized PyFunction object...

8.7AI score0.12492EPSS

Exploits0References17

Debian CVE•added 2017/07/06 4:0 p.m.•41 views

CVE-2016-4000

Jython before 2.7.1rc1 allows attackers to execute arbitrary code via a crafted serialized PyFunction object...

9.8CVSS9.6AI score0.12492EPSS

Exploits0

CVE•added 2017/07/06 4:0 p.m.•106 views

CVE-2016-4000

CVE-2016-4000 affects Oracle Enterprise Manager Base Platform (Jython) — a remote code execution via a crafted serialized PyFunction object. The GitHub advisory GHSA-6R7R-JJ8H-PQ6V corroborates deserialization of untrusted data in Jython and references the same CVE. Tenable Nessus entries (e.g., ...

9.8CVSS8.6AI score0.12492EPSS

Exploits0References17Affected Software1

Veracode•added 2017/04/25 3:31 a.m.•20 views

Remote Code Execution (RCE)

Jython is vulnerable to remote code execution RCE. A malicious user can send a serialized pyfunction object to the system that when deserialized causes arbitrary code to be executed...

9.8CVSS9.6AI score0.12492EPSS

Exploits0References19Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by