11 matches found
Security Bulletin: Due to use of Apache Commons, IBM Operations Analytics - Log Analysis is affected by Improper Handling of Untrusted Input During Deserialization
Summary Apache Commons is used by IBM Operations Analytics - Log Analysis as part of the configuration parsing in Apache Solr CVE-2017-15708, CVE-2019-13116 and Java Deserialization CVE-2015-4852, CVE-2015-6420, CVE-2015-7501 Vulnerability Details CVEID:CVE-2015-4852 DESCRIPTION: The WLS Security...
EUVD-2017-18260
Malware in sbrugna...
CVE-2019-14224
An issue was discovered in Alfresco Community Edition 5.2 201707. By leveraging multiple components in the Alfresco Software applications, an exploit chain was observed that allows an attacker to achieve remote code execution on the victim machine. The attacker must upload malicious Solr...
CVE-2019-14224
An issue was discovered in Alfresco Community Edition 5.2 201707. By leveraging multiple components in the Alfresco Software applications, an exploit chain was observed that allows an attacker to achieve remote code execution on the victim machine. The attacker must upload malicious Solr...
CVE-2019-14224
An issue was discovered in Alfresco Community Edition 5.2 201707. By leveraging multiple components in the Alfresco Software applications, an exploit chain was observed that allows an attacker to achieve remote code execution on the victim machine. The attacker must upload malicious Solr...
Deserialization of untrusted data
An issue was discovered in Alfresco Community Edition 5.2 201707. By leveraging multiple components in the Alfresco Software applications, an exploit chain was observed that allows an attacker to achieve remote code execution on the victim machine. The attacker must upload malicious Solr...
CVE-2019-14224
An issue was discovered in Alfresco Community Edition 5.2 201707. By leveraging multiple components in the Alfresco Software applications, an exploit chain was observed that allows an attacker to achieve remote code execution on the victim machine. The attacker must upload malicious Solr...
Apache Solr XML External Entity Injection Vulnerability (CNVD-2018-10076)
Apache Solr is a U.S. Apache Apache Software Foundation based on Lucene a full-text search engine architecture of the search server , which supports level search , vertical search , highlighting search results , a variety of output formats and so on. An XML external entity injection vulnerability...
Solr: Code execution via entity expansion
It was found that Apache Lucene would accept an object from an unauthenticated user that could be manipulated through subsequent post requests. An attacker could use this flaw to assemble an object that could permit execution of arbitrary code if the server enabled Apache Solr's Config API...
Solr: Code execution via entity expansion
It was found that Apache Lucene would accept an object from an unauthenticated user that could be manipulated through subsequent post requests. An attacker could use this flaw to assemble an object that could permit execution of arbitrary code if the server enabled Apache Solr's Config API...
Solr: Code execution via entity expansion
It was found that Apache Lucene would accept an object from an unauthenticated user that could be manipulated through subsequent post requests. An attacker could use this flaw to assemble an object that could permit execution of arbitrary code if the server enabled Apache Solr's Config API...