Lucene search
K

293 matches found

Cvelist
Cvelist
added 2020/06/22 5:39 p.m.40 views

CVE-2020-10740

A vulnerability was found in Wildfly in versions before 20.0.0.Final, where a remote deserialization attack is possible in the Enterprise Application BeansEJB due to lack of validation/filtering capabilities in wildfly...

6.6CVSS7.4AI score0.0172EPSS
Exploits0References1
CVE
CVE
added 2020/06/22 5:39 p.m.274 views

CVE-2020-10740

CVE-2020-10740 affects WildFly (Enterprise Java Beans) with a remote deserialization vulnerability caused by insufficient validation/filtering in WildFly prior to 20.0.0.Final. The issue is referenced in Red Hat/JBoss advisories (e.g., RHSA-2025:9582) as a fixed item for WildFly/EAP 7.x deploymen...

7.5CVSS7.2AI score0.0172EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2020/06/22 12:0 a.m.3 views

PT-2020-12305 · Red Hat · Wildfly

Name of the Vulnerable Software and Affected Versions: Wildfly versions prior to 20.0.0.Final Description: A remote deserialization attack is possible in the Enterprise Application Beans EJB due to lack of validation/filtering capabilities in Wildfly. This issue allows for a potential attack...

7.5CVSS6.8AI score0.0172EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2020/06/22 12:0 a.m.33 views

CVE-2020-10740

A vulnerability was found in Wildfly in versions before 20.0.0.Final, where a remote deserialization attack is possible in the Enterprise Application BeansEJB due to lack of validation/filtering capabilities in wildfly. Recent assessments: space-r7 at July 17, 2020 2:11pm UTC reported: Versions o...

7.5CVSS4.4AI score0.0172EPSS
Exploits0References2
OSV
OSV
added 2018/02/15 10:29 p.m.2 views

CVE-2017-5790

A remote deserialization of untrusted data vulnerability in HPE Intelligent Management Center IMC PLAT version 7.2 E0403P06 was found...

9.8CVSS5.8AI score0.1834EPSS
Exploits0References3
NVD
NVD
added 2018/02/15 10:29 p.m.27 views

CVE-2017-5790

A remote deserialization of untrusted data vulnerability in HPE Intelligent Management Center IMC PLAT version 7.2 E0403P06 was found...

10CVSS9.5AI score0.1834EPSS
Exploits0References3
Cvelist
Cvelist
added 2018/02/15 10:0 p.m.21 views

CVE-2017-5790

A remote deserialization of untrusted data vulnerability in HPE Intelligent Management Center IMC PLAT version 7.2 E0403P06 was found...

9.6AI score0.1834EPSS
Exploits0References3
CVE
CVE
added 2018/02/15 10:0 p.m.73 views

CVE-2017-5790

CVE-2017-5790 is a remote deserialization vulnerability in HPE Intelligent Management Center (IMC) PLAT 7.2 E0403P06 . The flaw exists in the accessMgrServlet and allows unauthenticated remote code execution by deserializing untrusted data. Multiple sources (ZDI-17-166, CNVD-2017-02625, NVD entry...

10CVSS9.4AI score0.1834EPSS
Exploits0References3Affected Software1
RedHat Linux
RedHat Linux
added 2016/04/21 2:58 p.m.7 views

OpenJDK: unrestricted deserialization of authentication credentials (JMX, 8144430)

It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger...

10CVSS7.3AI score0.92334EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2015/12/07 8:46 p.m.5 views

apache-commons-collections: InvokerTransformer code execution during deserialisation

It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections...

10CVSS8AI score0.83274EPSS
Exploits8References6
OSV
OSV
added 2014/05/27 2:55 p.m.4 views

UBUNTU-CVE-2013-2225

inc/ticket.class.php in GLPI 0.83.9 and earlier allows remote attackers to unserialize arbitrary PHP objects via the predefinedfields parameter to front/ticket.form.php...

6.4CVSS7.2AI score0.07563EPSS
Exploits2References3
seebug.org
seebug.org
added 2009/05/21 12:0 a.m.50 views

Mac OS X Java applet Remote Deserialization Remote PoC (updated)

No description provided by source. Critical Mac OS X Java Vulnerabilities Introduction Five months ago, CVE-2008-5353 and other vulnerabilities were publicly disclosed, and fixed by Sun. CVE-2008-5353 allows malicious code to escape the Java sandbox and run arbitrary commands with the permissions...

10CVSS0.3AI score0.84807EPSS
Exploits19
Exploit DB
Exploit DB
added 2009/05/20 12:0 a.m.77 views

Apple Mac OSX - Java applet Remote Deserialization Remote (2)

Critical Mac OS X Java Vulnerabilities Introduction Five months ago, CVE-2008-5353 and other vulnerabilities were publicly disclosed, and fixed by Sun. CVE-2008-5353 allows malicious code to escape the Java sandbox and run arbitrary commands with the permissions of the executing user. This may...

10CVSS7.8AI score0.84807EPSS
Exploits19
Rows per page
Query Builder