Lucene search
K

281 matches found

vulnersOsv
vulnersOsv
added 2022/05/14 12:54 a.m.5 views

com.amashchenko.struts2.actionflow:struts2-actionflow-plugin (=2.4.0), com.amashchenko.struts2.actionflow:struts2-actionflow-showcase (=2.4.0) +68 more potentially affected by CVE-2016-3081 via org.apache.struts:struts2-core (>=2.3.1.1 <=2.3.20.1)

org.apache.struts:struts2-core MAVEN version =2.3.1.1, =1.2.2, =1.2.2, =1.2.2, =1.2.2, =1.1.0, =1.1.0, =2.0.1 - com.jgeppert.struts2.jquery:struts2-jquery-chart-plugin =3.3.0 - com.jgeppert.struts2.jquery:struts2-jquery-grid-plugin =3.3.0 - com.jgeppert.struts2.jquery:struts2-jquery-mobile-plugin...

9.3CVSS7.2AI score0.9373EPSS
Exploits12
vulnersOsv
vulnersOsv
added 2022/05/14 12:54 a.m.8 views

org.apache.struts:struts2-apps (=2.3.28), org.apache.struts:struts2-assembly (=2.3.28) +39 more potentially affected by CVE-2016-3087 via org.apache.struts:struts2-core (=2.3.28)

org.apache.struts:struts2-core MAVEN version =2.3.28 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.struts:struts2-core and may be impacted: - org.apache.struts:struts2-apps =2.3.28 - org.apache.struts:struts2-assembly =2.3.28 -...

9.8CVSS7.2AI score0.81087EPSS
Exploits4
vulnersOsv
vulnersOsv
added 2022/05/14 12:54 a.m.6 views

com.jgeppert.struts2.bootstrap:struts2-bootstrap-showcase (>=2.5.1 <=4.0.1), com.jgeppert.struts2.jquery:struts2-jquery-grid-showcase (=4.0.3) +11 more potentially affected by CVE-2016-6795 via org.apache.struts:struts2-convention-plugin (>=2.5.1 <=2.5.33)

org.apache.struts:struts2-convention-plugin MAVEN version =2.5.1, =2.5.1, =1.0.0, =1.0.0, =1.0.0, =8.5.5-8.5.5-20220801, =2.5.1, =2.5.1, =2.5.1, =2.5.1, =2.5.33 Source cves: CVE-2016-6795 Source advisory: OSV:GHSA-44HV-JJX7-QFJG...

9.8CVSS7.2AI score0.08438EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/05/14 12:54 a.m.5 views

com.github.kaitoy.sneo:giane (>=1.2.0 <=1.2.3), com.googlecode.struts2-conversation:struts2-conversation-scope-plugin (=1.3.1) +13 more potentially affected by CVE-2016-6795 via org.apache.struts:struts2-convention-plugin (>=2.3.1 <=2.3.30)

org.apache.struts:struts2-convention-plugin MAVEN version =2.3.1, =1.2.0, =1.1.0, =3.3.0, =3.3.0, =2.3.1, =2.3.1, =2.3.1, =2.3.1, =3.0.0, =4.0.0, =1.0, =1.2.2, =1.3.5 Source cves: CVE-2016-6795 Source advisory: OSV:GHSA-44HV-JJX7-QFJG...

9.8CVSS7.2AI score0.08438EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/05/14 12:52 a.m.5 views

be.objectify:objectify-struts2-tags (=1.0), br.net.woodstock.rockframework:rockframework-struts2 (>=2.0.0 <=2.0.8) +214 more potentially affected by CVE-2016-0785 via org.apache.struts:struts2-core (>=2.0.11 <=2.3.20.1)

org.apache.struts:struts2-core MAVEN version =2.0.11, =2.0.0, =1.2.1, =1.5.3, =1.5.3, =1.2.2, =1.2.2, =1.2.2, =1.2.2, =0.5.9, =1.2.0, =1.0.0, =1.2.6 and more Source cves: CVE-2016-0785 Source advisory: OSV:GHSA-876P-4WGC-75RX...

9CVSS7.2AI score0.08812EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/05/13 1:16 a.m.7 views

br.net.woodstock.rockframework:rockframework-struts2 (>=2.0.0 <=2.0.8), br.net.woodstock.rockframework:rockframework-web (>=1.2.4 <=3.0.1) +115 more potentially affected by CVE-2013-2115 via org.apache.struts.xwork:xwork-core (>=2.2.1 <=2.3.14.1)

org.apache.struts.xwork:xwork-core MAVEN version =2.2.1, =2.0.0, =1.2.4, =1.2.0, =1.0.3, =3.0, =1.7.3, =1.7.3, =1.7.3, =2.4.0, =2.4.0, =3.0.0, =3.0.0, =2.4.0, =3.2.1 and more Source cves: CVE-2013-2115 Source advisory: OSV:GHSA-7GHM-RPC7-P7G5https://vulners.com/osv/OSV:GHSA-7GHM...

9.3CVSS7.2AI score0.72778EPSS
Exploits9
vulnersOsv
vulnersOsv
added 2022/05/13 1:14 a.m.8 views

be.objectify:objectify-struts2-tags (=1.0), br.net.woodstock.rockframework:rockframework-struts2 (>=2.0.0 <=2.0.8) +133 more potentially affected by CVE-2013-2251 via org.apache.struts:struts2-core (>=2.0.5 <=2.3.15)

org.apache.struts:struts2-core MAVEN version =2.0.5, =2.0.0, =1.2.1, =1.2.0, =1.0.3, =0.6, =3.0, =5.0.1 - com.google.inject.extensions:guice-struts2-plugin =2.0 - com.google.inject.integration:guice-struts2-plugin =1.0 - com.googlecode.rapid-framework:rapid-core =4.0 and more Source cves:...

9.8CVSS7.1AI score0.99998EPSS
Exploits18
vulnersOsv
vulnersOsv
added 2022/05/04 12:29 a.m.7 views

ca.stellardrift.guice-backport.extensions:guice-struts2 (=5.0.1), com.google.inject.extensions:guice-struts2 (>=3.0 <=5.0.1) +63 more potentially affected by CVE-2012-0393 via org.apache.struts.xwork:xwork-core (>=2.2.1 <=2.2.3)

org.apache.struts.xwork:xwork-core MAVEN version =2.2.1, =3.0, =2.4.0, =2.4.0, =3.0.0, =3.0.0, =2.4.0, =2.4.0, =2.4.0, =3.0.0, =2.0.0, =0.9.2, =0.9.0, =0.9.1 - io.forestframework:guice-struts2 =5.0.1.1 and more Source cves: CVE-2012-0393 Source advisory: OSV:GHSA-HXQQ-W4MR-MC62...

6.4CVSS7.2AI score0.38261EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/05/04 12:29 a.m.11 views

ca.stellardrift.guice-backport.extensions:guice-struts2 (=5.0.1), com.google.inject.extensions:guice-struts2 (>=3.0 <=5.0.1) +63 more potentially affected by CVE-2012-0391 via org.apache.struts.xwork:xwork-core (>=2.2.1 <=2.2.3)

org.apache.struts.xwork:xwork-core MAVEN version =2.2.1, =3.0, =2.4.0, =2.4.0, =3.0.0, =3.0.0, =2.4.0, =2.4.0, =2.4.0, =3.0.0, =2.0.0, =0.9.2, =0.9.0, =0.9.1 - io.forestframework:guice-struts2 =5.0.1.1 and more Source cves: CVE-2012-0391 Source advisory: OSV:GHSA-4WRR-9H5R-M92W...

9.8CVSS7.1AI score0.75071EPSS
Exploits11
vulnersOsv
vulnersOsv
added 2022/05/04 12:29 a.m.5 views

be.objectify:objectify-struts2-tags (=1.0), br.net.woodstock.rockframework:rockframework-web (>=1.2.1 <=1.2.2) +80 more potentially affected by CVE-2012-0392 via org.apache.struts:struts2-core (>=2.0.5 <=2.2.3)

org.apache.struts:struts2-core MAVEN version =2.0.5, =1.2.1, =0.6, =3.0, =2.4.0, =2.1.0, =3.1.1 and more Source cves: CVE-2012-0392 Source advisory: OSV:GHSA-2PPP-XJ34-VVF7...

6.8CVSS7.5AI score0.96787EPSS
Exploits1
Github Security Blog
Github Security Blog
added 2022/04/23 12:40 a.m.30 views

Unrestricted Upload of File with Dangerous Type in Apache Struts2

A local code execution issue exists in Apache Struts2 when processing malformed XSLT files, which could let a malicious user upload and execute arbitrary files. A patch exists as of version 2.5.22...

8.8CVSS3.5AI score0.2855EPSS
Exploits0References16Affected Software1
OSV
OSV
added 2022/04/23 12:40 a.m.18 views

GHSA-8M5Q-CRQQ-6PMF Unrestricted Upload of File with Dangerous Type in Apache Struts2

A local code execution issue exists in Apache Struts2 when processing malformed XSLT files, which could let a malicious user upload and execute arbitrary files. A patch exists as of version 2.5.22...

8.8CVSS8.9AI score0.2855EPSS
Exploits0References16
GithubExploit
GithubExploit
added 2022/04/15 4:9 p.m.667 views

Exploit for Expression Language Injection in Apache Struts

CVE-2021-31805 PoC for CVE-2021-31805 Apache Struts2 CVE-20...

9.8CVSS9.7AI score0.85315EPSS
Exploits16
GithubExploit
GithubExploit
added 2022/04/15 10:28 a.m.671 views

Exploit for Expression Language Injection in Apache Struts

Struts2S2-062CVE-2021-31805 Apache Struts2 S2-062 remote c...

9.8CVSS7.6AI score0.85315EPSS
Exploits16
GithubExploit
GithubExploit
added 2022/04/15 4:23 a.m.61 views

Exploit for Expression Language Injection in Apache Struts

CVE-2021-31805 Remote code execution S2-062 CVE-2021-31805...

9.8CVSS10AI score0.95922EPSS
Exploits16
vulnersOsv
vulnersOsv
added 2022/04/13 12:0 a.m.7 views

be.objectify:objectify-struts2-tags (=1.0), br.net.woodstock.rockframework:rockframework-struts2 (>=2.0.0 <=2.0.8) +301 more potentially affected by CVE-2021-31805 via org.apache.struts:struts2-core (>=2.0.11 <=2.5.29)

org.apache.struts:struts2-core MAVEN version =2.0.11, =2.0.0, =1.2.1, =1.5.3, =1.5.3, =1.2.2, =1.2.2, =1.2.2, =1.2.2, =1.2, =1.0, =1.0, =1.0, =1.0.4 and more Source cves: CVE-2021-31805 Source advisory: OSV:GHSA-V8J6-6C2R-R27C...

9.8CVSS7.1AI score0.85315EPSS
Exploits16
Rapid7 Blog
Rapid7 Blog
added 2021/12/17 10:53 p.m.151 views

Metasploit Wrap-Up

Log4Shell - Log4j HTTP Scanner Versions of Apache Log4j impacted by CVE-2021-44228 which allow JNDI features used in configuration, log messages, and parameters, do not protect against attacker controlled LDAP and other JNDI related endpoints. This module will scan an HTTP endpoint for the...

9.3CVSS0.3AI score0.99999EPSS
Exploits356
GithubExploit
GithubExploit
added 2021/12/13 11:29 a.m.276 views

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

Log4JExploitation-VulnerabiliyCVE-2021-44228. !Untitled...

10CVSS9.2AI score0.99999EPSS
Exploits351
ThreatPost
ThreatPost
added 2021/12/10 5:58 p.m.85 views

Zero Day in Ubiquitous Apache Log4j Tool Under Active Attack

An excruciating, easily exploited flaw in the ubiquitous Java logging library Apache Log4j could allow unauthenticated remote code execution RCE and complete server takeover — and it’s being exploited in the wild. The flaw first turned up on sites that cater to users of the world’s favorite game,...

10CVSS9.8AI score0.99999EPSS
Exploits351References28
Rapid7 Blog
Rapid7 Blog
added 2021/12/10 3:30 p.m.207 views

Widespread Exploitation of Critical Remote Code Execution in Apache Log4j

Table of Contents Overview Affected versions Mitigation and detection guidance Rapid7 customers InsightVM and Nexpose InsightIDR and Managed Detection and Response Velociraptor tCell InsightCloudSec IntSights Attacks and campaigns External resources Updates Need clarity on detecting and mitigatin...

9.3CVSS0.2AI score0.99999EPSS
Exploits358
Rows per page
Query Builder