79 matches found
CVE-2020-10917
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NEC ESMPRO Manager 6.42. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RMI service. The issue results from the lack of proper validation of...
EUVD-2017-2572
Malware in sbrugna...
EUVD-2019-0709
Malware in sbrugna...
EUVD-2019-0747
Malware in sbrugna...
EUVD-2023-30275
Malicious code in bioql PyPI...
EUVD-2020-23784
Malicious code in bioql PyPI...
Samsung MagicINFO 9 Server MagicInfoCache Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RMI service. The issue results from the lack of proper validation of...
CVE-2021-34371
Neo4j through 3.4.18 with the shell server enabled exposes an RMI service that arbitrarily deserializes Java objects, e.g., through setSessionVariable. An attacker can abuse this for remote code execution because there are dependencies with exploitable gadget chains...
CVE-2020-3943
vRealize Operations for Horizon Adapter 6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1 uses a JMX RMI service which is not securely configured. An unauthenticated remote attacker who has network access to vRealize Operations, with the Horizon Adapter running, may be able to execute arbitrary code ...
The vulnerability of the RMI service of the IBM InfoSphere Information Server software platform allows a perpetrator to execute arbitrary code.
The vulnerability of the RMI service of the IBM InfoSphere Information Server software platform is related to the restoration of unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
BIT-NEO4J-2021-34371
Neo4j through 3.4.18 with the shell server enabled exposes an RMI service that arbitrarily deserializes Java objects, e.g., through setSessionVariable. An attacker can abuse this for remote code execution because there are dependencies with exploitable gadget chains...
Code injection
An issue was discovered in Couchbase Server through 7.1.4 before 7.1.5 and before 7.2.1. There are Unauthenticated RMI Service Ports Exposed in Analytics...
CVE-2023-26455
RMI was not requiring authentication when calling ChronosRMIService:setEventOrganizer. Attackers with local or adjacent network access could abuse the RMI service to modify calendar items using RMI. RMI access is restricted to localhost by default. The interface has been updated to require...
CVE-2023-26455
RMI was not requiring authentication when calling ChronosRMIService:setEventOrganizer. Attackers with local or adjacent network access could abuse the RMI service to modify calendar items using RMI. RMI access is restricted to localhost by default. The interface has been updated to require...
Authentication flaw
RMI was not requiring authentication when calling ChronosRMIService:setEventOrganizer. Attackers with local or adjacent network access could abuse the RMI service to modify calendar items using RMI. RMI access is restricted to localhost by default. The interface has been updated to require...
Oracle Linux 8 : pki-core:10.6 / and / pki-deps:10.6 (ELSA-2020-1644)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1644 advisory. - A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a...
Security Bulletin: IBM InfoSphere Information Server is affected by a remote code execution vulnerability (CVE-2023-32336)
Summary A remote code execution vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2023-32336 DESCRIPTION: IBM InfoSphere Information Server is affected by a remote code execution vulnerability due to insecure deserialization in an RMI service. CVSS...
CVE-2023-32336
IBM InfoSphere Information Server 11.7 is affected by a remote code execution vulnerability due to insecure deserialization in an RMI service. IBM X-Force ID: 255285...
Remote code execution
IBM InfoSphere Information Server 11.7 is affected by a remote code execution vulnerability due to insecure deserialization in an RMI service. IBM X-Force ID: 255285...
CVE-2023-32336
IBM InfoSphere Information Server 11.7 is affected by a remote code execution vulnerability due to insecure deserialization in an RMI service. Root cause: insecure deserialization in the RMI handler. Impact: remote code execution with high confidentiality, integrity, and availability implications...