Lucene search
K

7 matches found

Veracode
Veracode
added 2026/06/11 6:7 p.m.10 views

Improper Authorization

Twig is vulnerable to Improper Authorization. The vulnerability is due to incomplete enforcement of sandbox security checks for implicit toString calls, which allows an attacker to invoke non-allowlisted toString methods on accessible objects and bypass configured security policies...

5.5AI score0.00044EPSS
Exploits0References4Affected Software1
Veracode
Veracode
added 2019/05/02 4:44 a.m.38 views

Arbitrary Code Execution

Oracle Java SE is vulnerable to arbitrary code execution attacks. Remote unauthenticated attackers could execute arbitrary code via unspecified vectors involving reflection, Libraries, "improper toString calls," and the JDBC driver manager...

10CVSS9.5AI score0.87227EPSS
Exploits10References25Affected Software2
RedHat Linux
RedHat Linux
added 2013/05/14 5:49 p.m.5 views

OpenJDK: JDBC driver manager improper toString calls (CanSecWest 2013, Libraries, 8009814)

The Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to execute arbitrary code via unspecified vectors involving reflection, Libraries, "improper toString calls," and the JDBC driver manager, as demonstrated by James...

10CVSS7.1AI score0.87227EPSS
Exploits10References4
RedHat Linux
RedHat Linux
added 2013/04/17 6:37 p.m.6 views

OpenJDK: JDBC driver manager improper toString calls (CanSecWest 2013, Libraries, 8009814)

The Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to execute arbitrary code via unspecified vectors involving reflection, Libraries, "improper toString calls," and the JDBC driver manager, as demonstrated by James...

10CVSS7.1AI score0.87227EPSS
Exploits10References4
NVD
NVD
added 2013/03/08 6:55 p.m.26 views

CVE-2013-1488

The Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to execute arbitrary code via unspecified vectors involving reflection, Libraries, "improper toString calls," and the JDBC driver manager, as demonstrated by James...

10CVSS8.6AI score0.87227EPSS
Exploits10References22
Cvelist
Cvelist
added 2013/03/08 6:0 p.m.27 views

CVE-2013-1488

The Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to execute arbitrary code via unspecified vectors involving reflection, Libraries, "improper toString calls," and the JDBC driver manager, as demonstrated by James...

8.9AI score0.87227EPSS
Exploits10References22
UbuntuCve
UbuntuCve
added 2013/03/08 12:0 a.m.38 views

CVE-2013-1488

The Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to execute arbitrary code via unspecified vectors involving reflection, Libraries, "improper toString calls," and the JDBC driver manager, as demonstrated by James...

10CVSS6.9AI score0.87227EPSS
Exploits10References6
Rows per page
Query Builder