Total
164 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-22947 | 2 Oracle, Vmware | 10 Commerce Guided Search, Communications Cloud Native Core Binding Support Function, Communications Cloud Native Core Console and 7 more | 2024-02-28 | 6.8 MEDIUM | 10.0 CRITICAL |
In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the remote host. | |||||
CVE-2022-22980 | 1 Vmware | 1 Spring Data Mongodb | 2024-02-28 | 6.8 MEDIUM | 9.8 CRITICAL |
A Spring Data MongoDB application is vulnerable to SpEL Injection when using @Query or @Aggregation-annotated query methods with SpEL expressions that contain query parameter placeholders for value binding if the input is not sanitized. | |||||
CVE-2022-26111 | 1 Canon | 1 Irisnext | 2024-02-28 | 9.0 HIGH | 8.8 HIGH |
The BeanShell components of IRISNext through 9.8.28 allow execution of arbitrary commands on the target server by creating a custom search (or editing an existing/predefined search) of the documents. The search components permit adding BeanShell expressions that result in Remote Code Execution in the context of the IRISNext application user, running on the web server. | |||||
CVE-2022-24847 | 1 Osgeo | 1 Geoserver | 2024-02-28 | 6.5 MEDIUM | 7.2 HIGH |
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. The GeoServer security mechanism can perform an unchecked JNDI lookup, which in turn can be used to perform class deserialization and result in arbitrary code execution. The same can happen while configuring data stores with data sources located in JNDI, or while setting up the disk quota mechanism. In order to perform any of the above changes, the attack needs to have obtained admin rights and use either the GeoServer GUI, or its REST API. The lookups are going to be restricted in GeoServer 2.21.0, 2.20.4, 1.19.6. Users unable to upgrade should restrict access to the `geoserver/web` and `geoserver/rest` via a firewall and ensure that the GeoWebCache is not remotely accessible. | |||||
CVE-2021-31805 | 1 Apache | 1 Struts | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
The fix issued for CVE-2020-17530 was incomplete. So from Apache Struts 2.0.0 to 2.5.29, still some of the tag’s attributes could perform a double evaluation if a developer applied forced OGNL evaluation by using the %{...} syntax. Using forced OGNL evaluation on untrusted user input can lead to a Remote Code Execution and security degradation. | |||||
CVE-2022-24818 | 1 Geotools | 1 Geotools | 2024-02-28 | 7.5 HIGH | 7.2 HIGH |
GeoTools is an open source Java library that provides tools for geospatial data. The GeoTools library has a number of data sources that can perform unchecked JNDI lookups, which in turn can be used to perform class deserialization and result in arbitrary code execution. Similar to the Log4J case, the vulnerability can be triggered if the JNDI names are user-provided, but requires admin-level login to be triggered. The lookups are now restricted in GeoTools 26.4, GeoTools 25.6, and GeoTools 24.6. Users unable to upgrade should ensure that any downstream application should not allow usage of remotely provided JNDI strings. | |||||
CVE-2021-32834 | 1 Eclipse | 1 Keti | 2024-02-28 | 6.5 MEDIUM | 9.9 CRITICAL |
Eclipse Keti is a service that was designed to protect RESTfuls API using Attribute Based Access Control (ABAC). In Keti a user able to create Policy Sets can run arbitrary code by sending malicious Groovy scripts which will escape the configured Groovy sandbox. This vulnerability is known to exist in the latest commit at the time of writing this CVE (commit a1c8dbe). For more details see the referenced GHSL-2021-063. | |||||
CVE-2021-28170 | 3 Eclipse, Oracle, Quarkus | 4 Jakarta Expression Language, Communications Cloud Native Core Policy, Weblogic Server and 1 more | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid. | |||||
CVE-2021-26084 | 1 Atlassian | 2 Confluence Data Center, Confluence Server | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5. | |||||
CVE-2020-26565 | 1 Objectplanet | 1 Opinio | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
ObjectPlanet Opinio before 7.14 allows Expression Language Injection via the admin/permissionList.do from parameter. This can be used to retrieve possibly sensitive serverInfo data. | |||||
CVE-2020-24651 | 1 Hp | 1 Intelligent Management Center | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
A syslogtempletselectwin expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
CVE-2020-7163 | 1 Hp | 1 Intelligent Management Center | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
A navigationto expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
CVE-2020-7158 | 1 Hp | 1 Intelligent Management Center | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
A perfselecttask expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
CVE-2020-7149 | 1 Hp | 1 Intelligent Management Center | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
A ictexpertcsvdownload expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
CVE-2020-7180 | 1 Hp | 1 Intelligent Management Center | 2024-02-28 | 9.0 HIGH | 8.8 HIGH |
A ictexpertdownload expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
CVE-2020-7176 | 1 Hp | 1 Intelligent Management Center | 2024-02-28 | 9.0 HIGH | 8.8 HIGH |
A viewtaskresultdetailfact expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
CVE-2020-7188 | 1 Hp | 1 Intelligent Management Center | 2024-02-28 | 9.0 HIGH | 8.8 HIGH |
A userselectpagingcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
CVE-2020-7172 | 1 Hp | 1 Intelligent Management Center | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
A templateselect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
CVE-2020-7173 | 1 Hp | 1 Intelligent Management Center | 2024-02-28 | 9.0 HIGH | 8.8 HIGH |
A actionselectcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
CVE-2020-7170 | 1 Hp | 1 Intelligent Management Center | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
A select expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). |