Page 2 of 45 results (0.024 seconds)

CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0

eDeploy has tmp file race condition flaws eDeploy tiene fallos de condición de carrera de archivos tmp. • https://access.redhat.com/security/cve/cve-2014-3701 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3701 https://security-tracker.debian.org/tracker/CVE-2014-3701 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1

eDeploy has RCE via cPickle deserialization of untrusted data eDeploy tiene una RCE por medio de la deserialización cPickle de datos no seguros. • https://access.redhat.com/security/cve/cve-2014-3699 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3699 https://security-tracker.debian.org/tracker/CVE-2014-3699 • CWE-502: Deserialization of Untrusted Data •

CVSS: 3.3EPSS: 0%CPEs: 4EXPL: 0

An issue exists in the property replacements feature in any descriptor in JBoxx AS 7.1.1 ignores java security policies Se presenta un problema en la funcionalidad property replacements en cualquier descriptor en JBoxx AS versión 7.1.1 ignora las políticas de seguridad de Java. • https://access.redhat.com/security/cve/cve-2012-2148 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2148 https://security-tracker.debian.org/tracker/CVE-2012-2148 • CWE-269: Improper Privilege Management •

CVSS: 9.8EPSS: 2%CPEs: 2EXPL: 1

eDeploy through at least 2014-10-14 has remote code execution due to eval() of untrusted data eDeploy hasta al menos el 14-10-2014, presenta una ejecución de código remota debido a la función eval() de datos no confiables. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3700 https://security-tracker.debian.org/tracker/CVE-2014-3700 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

JBoss KeyCloak is vulnerable to soft token deletion via CSRF JBoss KeyCloak es vulnerable a la eliminación del token soft por medio de CSRF • https://access.redhat.com/security/cve/cve-2014-3655 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3655 https://snyk.io/vuln/SNYK-JAVA-ORGKEYCLOAK-30138 • CWE-352: Cross-Site Request Forgery (CSRF) •