4 results (0.004 seconds)

CVSS: 9.8EPSS: 97%CPEs: 97EXPL: 24

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it. Una aplicación Spring MVC o Spring WebFlux que es ejecutada en JDK 9+ puede ser vulnerable a la ejecución de código remota (RCE) por medio de una vinculación de datos. • https://github.com/0zvxr/CVE-2022-22965 https://github.com/alt3kx/CVE-2022-22965 https://github.com/zangcc/CVE-2022-22965-rexbb https://github.com/Kirill89/CVE-2022-22965-PoC https://github.com/tangxiaofeng7/CVE-2022-22965-Spring-Core-Rce https://github.com/p1ckzi/CVE-2022-22965 https://github.com/me2nuk/CVE-2022-22965 https://github.com/light-Life/CVE-2022-22965-GUItools https://github.com/viniciuspereiras/CVE-2022-22965-poc https://github.com/itsecurityco/CVE-2022-2 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 10.0EPSS: 18%CPEs: 28EXPL: 0

Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x before 4.1; and multiple EMC Ionix products including Application Connectivity Monitor (Ionix ACM) 2.3 and earlier, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) 3.2.0.2 and earlier, IP Management Suite (Ionix IP) 8.1.1.1 and earlier, and other Ionix products; allow remote attackers to execute arbitrary code via crafted packets to TCP port 9002, aka Bug IDs CSCtn42961 and CSCtn64922, related to a buffer overflow. Múltiples vulnerabilidades no especificadas en Unified Service Monitor de Cisco anterior a versión 8.6, tal y como es usado en Unified Operations Manager anterior a versión 8.6 y CiscoWorks LAN Management Solution versiones 3.x y 4.x anteriores a 4.1; y múltiples productos de Ionix de EMC, incluido Application Connectivity Monitor (Ionix ACM) versión 2.3 y versiones anteriores, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) versión 3.2.0.2 y anteriores, IP Management Suite (Ionix IP) versión 8.1.1.1 y versiones anteriores, y otros productos Ionix; permiten a los atacantes remotos ejecutar código arbitrario por medio de paquetes diseñados al puerto TCP 9002, también se conoce como Bug IDs CSCtn42961 y CSCtn64922, relacionados con un desbordamiento de búfer. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco Unified Service Monitor due to bundled EMC SMARTS application server. Authentication is not required to exploit this vulnerability. The flaw exists within the brstart.exe service which listens by default on TCP port 9002. When handling the authentication portion of a SMARTS request the process extracts a user provided value to allocate a buffer via sm_read_string_length then blindly copies user supplied data into this buffer on the heap. • http://secunia.com/advisories/45979 http://secunia.com/advisories/46016 http://secunia.com/advisories/46052 http://secunia.com/advisories/46053 http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351e.shtml http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351f.shtml http://www.osvdb.org/75442 http://www.securityfocus.com/archive/1/519646/100/0/threaded http://www.securityfocus.com/bid/49627 http://www.securityfocus.com/bid/49644 http:/&# •

CVSS: 10.0EPSS: 9%CPEs: 21EXPL: 0

Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before 4.0 allow remote attackers to execute arbitrary code via a session on TCP port (1) 443 or (2) 1741, aka Bug ID CSCti41352. Multiples desbordamientos de búfer en la función de autenticación en el módulo web-server de Cisco CiscoWorks Common Services anterior a v4.0 permite a los atacantes remotos ejecutar código a su elección a través de sesiones TCP en el puerto (1) 443 o (2) 1741, también conocido como "Bug ID CSCti41352". • http://osvdb.org/68927 http://secunia.com/advisories/42011 http://securitytracker.com/id?1024646 http://www.cisco.com/en/US/products/products_security_advisory09186a0080b51501.shtml http://www.securityfocus.com/bid/44468 http://www.vupen.com/english/advisories/2010/2793 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 1%CPEs: 33EXPL: 0

Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors. Vulnerabilidad de salto de directorio en el servicio TFTP en Cisco CiscoWorks Common Services (CWCS) v3.0.x hasta v3.2.x en Windows, también utilizado en Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager y otros productos, lo que permite atacantes remotos acceder a ficheros arbitrarios a través de vectores no especificados. • http://jvn.jp/en/jp/JVN62527913/index.html http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html http://osvdb.org/54616 http://secunia.com/advisories/35179 http://securitytracker.com/id?1022263 http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtml http://www.securityfocus.com/bid/35040 http://www.vupen.com/english/advisories/2009/1390 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •