155 matches found
CVE-2016-9299
The remoting module in Jenkins before 2.32 and LTS before 2.19.3 allows remote attackers to execute arbitrary code via a crafted serialized Java object, which triggers an LDAP query to a third-party server...
CVE-2016-9299
The remoting module in Jenkins before 2.32 and LTS before 2.19.3 allows remote attackers to execute arbitrary code via a crafted serialized Java object, which triggers an LDAP query to a third-party server...
CVE-2016-9299
The remoting module in Jenkins before 2.32 and LTS before 2.19.3 allows remote attackers to execute arbitrary code via a crafted serialized Java object, which triggers an LDAP query to a third-party server...
Code injection
The remoting module in Jenkins before 2.32 and LTS before 2.19.3 allows remote attackers to execute arbitrary code via a crafted serialized Java object, which triggers an LDAP query to a third-party server...
CVE-2016-9299
The remoting module in Jenkins before 2.32 and LTS before 2.19.3 allows remote attackers to execute arbitrary code via a crafted serialized Java object, which triggers an LDAP query to a third-party server...
JFrog Artifactory Arbitrary Code Execution Vulnerability
JFrog Artifactory is an open source, general-purpose Artifact repository manager from Israel's JFrog that supports clustering and high-availability Docker registries and provides an end-to-end automation solution for tracking artifacts from development to production. A security vulnerability exis...
CVE-2016-6496
The LDAP directory connector in Atlassian Crowd before 2.8.8 and 2.9.x before 2.9.5 allows remote attackers to execute arbitrary code via an LDAP attribute with a crafted serialized Java object, aka LDAP entry poisoning...
Design/Logic Flaw
The LDAP directory connector in Atlassian Crowd before 2.8.8 and 2.9.x before 2.9.5 allows remote attackers to execute arbitrary code via an LDAP attribute with a crafted serialized Java object, aka LDAP entry poisoning...
CVE-2016-6496
The LDAP directory connector in Atlassian Crowd before 2.8.8 and 2.9.x before 2.9.5 allows remote attackers to execute arbitrary code via an LDAP attribute with a crafted serialized Java object, aka LDAP entry poisoning...
CVE-2016-6496
CVE-2016-6496 affects Atlassian Crowd LDAP entry handling. The LDAP directory connector is vulnerable to LDAP Java object injection: an attacker can cause remote code execution by sending a crafted serialized Java object in an LDAP attribute. Affected versions are all Crowd 1.4.1 to 2.8.7 (and 2....
VulnCheck KEV: CVE-2016-9299
The remoting module in Jenkins before 2.32 and LTS before 2.19.3 allows remote attackers to execute arbitrary code via a crafted serialized Java object, which triggers an LDAP query to a third-party server...
CVE-2016-9299
The remoting module in Jenkins before 2.32 and LTS before 2.19.3 allows remote attackers to execute arbitrary code via a crafted serialized Java object, which triggers an LDAP query to a third-party server. Mitigation...
CVE-2016-7065
The JMX servlet in Red Hat JBoss Enterprise Application Platform EAP 4 and 5 allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via a crafted serialized Java object...
CVE-2016-7065
The JMX servlet in Red Hat JBoss Enterprise Application Platform EAP 4 and 5 allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via a crafted serialized Java object...
CVE-2016-7065
The JMX servlet in Red Hat JBoss Enterprise Application Platform EAP 4 and 5 allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via a crafted serialized Java object...
Design/Logic Flaw
The RMI service in HP Network Automation Software 9.1x, 9.2x, 10.0x before 10.00.02.01, and 10.1x before 10.11.00.01 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections ACC and Commons BeanUtils libraries...
CVE-2016-4385
The RMI service in HP Network Automation Software 9.1x, 9.2x, 10.0x before 10.00.02.01, and 10.1x before 10.11.00.01 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections ACC and Commons BeanUtils libraries...
CVE-2016-4385
The RMI service in HP Network Automation Software 9.1x, 9.2x, 10.0x before 10.00.02.01, and 10.1x before 10.11.00.01 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections ACC and Commons BeanUtils libraries...
CVE-2016-4385
CVE-2016-4385 affects HP Network Automation: RMI registry deserialization in 9.1x, 9.2x, 10.0x before 10.00.02.01, and 10.1x before 10.11.00.01 enables remote code execution via a crafted serialized Java object, leveraging Apache Commons Collections and Commons BeanUtils libraries. The vulnerabil...
CVE-2016-4373
The AdminUI in HPE Operations Manager OM before 9.21.130 on Linux, Unix, and Solaris allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections ACC library...