86 matches found
EUVD-2008-2576
Malware in sbrugna...
EUVD-2020-27353
Malware in sbrugna...
EUVD-2007-5769
Malware in sbrugna...
EUVD-2015-2568
Malware in sbrugna...
EUVD-2007-5768
Malware in sbrugna...
VulnCheck KEV: CVE-2016-2386
SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
SAP NetWeaver SQL Injection Vulnerability
SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
Security Bulletin: Vulnerability in Apache Log4j affects WebSphere Application Server (CVE-2021-44228)
Summary There is a vulnerability in the Apache Log4j open source library used by WebSphere Application Server. This affects the WebSphere Application Server Admin Console and the UDDI Registry Application. This vulnerability has been addressed. Vulnerability Details CVEID: CVE-2021-44228...
Deserialization of Untrusted Data in Apache jUDDI
Apache jUDDI uses several classes related to Java's Remote Method Invocation RMI which as an extension to UDDI provides an alternate transport for accessing UDDI services. RMI uses the default Java serialization mechanism to pass parameters in RMI invocations. A remote attacker can send a malicio...
CVE-2021-37578 Remote code execution via RMI
Apache jUDDI uses several classes related to Java's Remote Method Invocation RMI which as an extension to UDDI provides an alternate transport for accessing UDDI services. RMI uses the default Java serialization mechanism to pass parameters in RMI invocations. A remote attacker can send a malicio...
CVE-2021-37578
Apache jUDDI prior to 3.3.10 exposed a deserialization-based remote code execution vector via RMI. The issue arises from Java serialization in RMI entries, potentially allowing remote code execution if exploited. RMI is disabled by default for jUDDI web services/clients, and starting with 3.3.10 ...
Oracle WebLogic UDDI Explorer Server-Side Request Forgery
The Oracle WebLogic UDDI Explorer service in Oracle Fusion Middleware versions 10.0.2 and 10.3.6 is affected by a server-side request forgery vulnerability due to the lack of validation of the operator parameter in the SearchPublicRegistries.jsp page. A remote and unauthenticated attacker can...
Oracle WebLogic UDDI Explorer Detected
Oracle WebLogic UDDI Explorer allows authorized users to access and modify information about the web services published in the private WebLogic Server UDDI registries. The scanner has been able to detect that this service is exposed on the target web application and could be leveraged by an...
CVE-2020-6203
SAP NetWeaver UDDI Server Services Registry, versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing 'traverse to parent directory' are passed through to the file APIs, leading to...
CVE-2020-6203
SAP NetWeaver UDDI Server Services Registry, versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing 'traverse to parent directory' are passed through to the file APIs, leading to...
Path traversal
SAP NetWeaver UDDI Server Services Registry, versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing 'traverse to parent directory' are passed through to the file APIs, leading to...
CVE-2020-6203
CVE-2020-6203 concerns SAP NetWeaver UDDI Server (Services Registry) versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50. The vulnerability arises from insufficient validation of path information provided by users, allowing path traversal characters to reach file APIs and potentially access restric...
CVE-2020-6203
SAP NetWeaver UDDI Server Services Registry, versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing 'traverse to parent directory' are passed through to the file APIs, leading to...
Security Bulletin: Security Vulnerabilities have been Identified in Websphere Application Server Shipped with Predictive Customer Intelligence (CVE-2012-5783, CVE-2018-1614, CVE-2014-0114, CVE-2015-0899)
Summary Websphere Application Server is shipped with Predictive Customer Intelligence. Information about security vulnerabilities affecting Websphere Application Server has been published in security bulletins. Vulnerability Details Please consult the security bulletins: Security Bulletin:...
CVE-2019-0351
A remote code execution vulnerability exists in the SAP NetWeaver UDDI Server Services Registry, versions 7.10, 7.20, 7.30, 7.31, 7.40, 7.50. Because of this, an attacker can exploit Services Registry potentially enabling them to take complete control of the product, including viewing, changing, ...