Lucene search
K

21 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-0742

Malware in sbrugna...

5.9CVSS5.7AI score0.01558EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-9341

Malware in sbrugna...

9CVSS8.8AI score0.07543EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/05 1:32 p.m.9 views

CVE-2020-17388

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Tomcat...

9CVSS7.5AI score0.07543EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2023/10/09 12:0 a.m.5 views

The vulnerability of the SonicWall Analytics analytical service and the SonicWall Global Management System (GMS), a global network firewall management system, stems from the rigid encoding of application Tomcat’s configuration files. This allows attackers to exploit their privileges.

The vulnerability of the SonicWall Analytics analytical service and the SonicWall Global Management System GMS global network management system is related to the rigid encoding of application Tomcat’s configuration files. Exploiting this vulnerability can allow a malicious actor to increase their...

7.8CVSS7.7AI score0.00591EPSS
Exploits0References4Affected Software2
GithubExploit
GithubExploit
added 2022/11/28 2:34 p.m.451 views

Exploit for Code Injection in Vmware Spring_Framework

Spring Boot CVE-2022-22965 Docker PoC for CVE-2022-22965 with...

9.8CVSS8.9AI score0.99677EPSS
Exploits100
GithubExploit
GithubExploit
added 2022/04/01 6:50 a.m.456 views

Exploit for Code Injection in Vmware Spring_Framework

CVE-2022-22965 Spring Framework/CVE-2022-22965https://vuln...

9.8CVSS8.6AI score0.99677EPSS
Exploits100
NVD
NVD
added 2020/08/25 9:15 p.m.14 views

CVE-2020-17388

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Tomcat...

9CVSS9AI score0.07543EPSS
Exploits0References2
Prion
Prion
added 2020/08/25 9:15 p.m.10 views

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Tomcat...

9CVSS9AI score0.07543EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/08/25 8:21 p.m.16 views

CVE-2020-17388

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Tomcat...

8.8CVSS8.9AI score0.07543EPSS
Exploits0References2
CVE
CVE
added 2020/08/25 8:21 p.m.55 views

CVE-2020-17388

The CVE-2020-17388 issue affects Marvell QConvergeConsole 5.5.0.64. The root cause is a misconfigured Tomcat admin console without proper access restrictions, allowing an attacker to bypass authentication and execute code with SYSTEM privileges. Multiple sources (ZDI-20-975 and Red Hat/CVE aggreg...

9CVSS9AI score0.07543EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2020/08/11 12:0 a.m.4 views

Marvell QConvergeConsole Remote Code Execution Vulnerability (CNVD-2020-46348)

Marvell QConvergeConsole QCC is a unified adapter management software across data centers from Marvell. The software is primarily used for Ethernet and Fibre Channel adapter management, among other things. A remote code execution vulnerability exists in the Tomcat configuration file in Marvell...

9CVSS8.2AI score0.07543EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2020/08/10 12:0 a.m.35 views

Marvell QConvergeConsole Exposed Dangerous Method or Function Remote Code Execution

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Tomcat...

8.8CVSS2.9AI score0.07543EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/07/09 12:0 a.m.5 views

The vulnerability of the /usr/lib/tmpfiles.d/tomcat.conf component of the Tomcat package on the SUSE Linux Enterprise operating system allows a hacker to gain increased privileges.

The vulnerability of the /usr/lib/tmpfiles.d/tomcat.conf component of the Tomcat package in the SUSE Linux Enterprise operating system is related to errors in the use of standard permissions. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.7CVSS6.4AI score0.00857EPSS
Exploits1References5Affected Software7
OSV
OSV
added 2018/07/11 8:29 p.m.19 views

CVE-2016-0708

Applications deployed to Cloud Foundry, versions v166 through v227, may be vulnerable to a remote disclosure of information, including, but not limited to environment variables and bound service details. For applications to be vulnerable, they must have been staged using automatic buildpack...

5.9CVSS6.8AI score0.01558EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2017/03/07 7:6 p.m.7 views

tomcat: tomcat writable config files allow privilege escalation

It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges...

7.8CVSS7.3AI score0.00693EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2016/10/10 8:38 p.m.3 views

tomcat: Local privilege escalation via systemd-tmpfiles service

It was discovered that the Tomcat packages installed configuration file /usr/lib/tmpfiles.d/tomcat.conf writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges...

7.8CVSS7.3AI score0.03782EPSS
Exploits8References5
Exploit DB
Exploit DB
added 2014/10/02 12:0 a.m.34 views

ManageEngine OpManager / Social IT - Arbitrary File Upload (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'ManageEngine OpManager / Social IT Arbitrary File Upload', 'Description' = %q This module exploits a file upload vulnerability in...

5CVSS7.4AI score0.79476EPSS
Exploits12
Metasploit
Metasploit
added 2014/09/27 6:33 p.m.25 views

ManageEngine OpManager and Social IT Arbitrary File Upload

This module exploits a file upload vulnerability in ManageEngine OpManager and Social IT. The vulnerability exists in the FileCollector servlet which accepts unauthenticated file uploads. This module has been tested successfully on OpManager v8.8 - v11.3 and on version 11.0 of SocialIT for Window...

5CVSS7.2AI score0.79476EPSS
Exploits12
exploitpack
exploitpack
added 2014/07/01 12:0 a.m.105 views

IBM Algorithmics RICOS 4.5.0 4.7.0 - Multiple Vulnerabilities

IBM Algorithmics RICOS 4.5.0 4.7.0 - Multiple Vulnerabilities -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple severe vulnerabilities product: IBM Algorithmics RICO...

6.8CVSS0.3AI score0.0571EPSS
Exploits8
exploitpack
exploitpack
added 2001/08/16 12:0 a.m.9 views

Jakarta Tomcat 3.x4.0 - Error Message Information Disclosure

Jakarta Tomcat 3.x4.0 - Error Message Information Disclosure source: https://www.securityfocus.com/bid/3199/info When a malformed request is made for a Java Server Page the server displays an error page. The error page contains potentially sensitive information, along with the absolute path of th...

7.2AI score
Exploits0
Rows per page
Query Builder