EUVD-2018-0642

Malware in sbrugna...

Security Bulletin: Multiple vulnerabilities in Akka affect IBM Application Performance Management products.

Summary Akka actor jar is used by IBM Application Performance Management. The vulnerabilities in the product component have been addressed. Vulnerability Details CVEID:CVE-2017-1000034 DESCRIPTION: Akka could allow a remote attacker to execute arbitrary code on the system, caused by a Java...

Jenkins 2.56 CLI Deserialization / Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Jenkins CLI Deserialization', 'Description' = %q An unauthenticated Java object deserialization vulnerability exists in the CLI component for...

Akka Java Serialization vulnerability

Akka versions =2.4.16 and 2.5-M1 are vulnerable to a java deserialization attack in its Remoting component resulting in remote code execution in the context of the ActorSystem...

CVE-2017-1000034

Akka versions =2.4.16 and 2.5-M1 are vulnerable to a java deserialization attack in its Remoting component resulting in remote code execution in the context of the ActorSystem...

Moderate: Red Hat Security Advisory: Red Hat JBoss Web Framework Kit 2.5.0 security update

An update for the seam-remoting component of Red Hat JBoss Web Framework Kit 2.5.0 that fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CV...

Red Hat JBoss Seam Framework XXE Information Disclosure (CVE-2013-6447)

An information disclosure vulnerability has been reported in Red Hat JBoss Seam Framework. The vulnerability is due to an incorrectly configured XML parser accepting XML eXternal Entities XXE from untrusted sources being used by the ExecutionHandler, PollHandler, and SubscriptionHandler classes...