Search
Total
87 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-26111 | 1 Canon | 1 Irisnext | 2023-08-08 | 9.0 HIGH | 8.8 HIGH |
| The BeanShell components of IRISNext through 9.8.28 allow execution of arbitrary commands on the target server by creating a custom search (or editing an existing/predefined search) of the documents. The search components permit adding BeanShell expressions that result in Remote Code Execution in the context of the IRISNext application user, running on the web server. | |||||
| CVE-2020-10199 | 1 Sonatype | 1 Nexus | 2022-07-10 | 9.0 HIGH | 8.8 HIGH |
| Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection (issue 1 of 2). | |||||
| CVE-2020-3956 | 2 Linux, Vmware | 3 Linux Kernel, Photon Os, Vcloud Director | 2021-12-13 | 6.5 MEDIUM | 8.8 HIGH |
| VMware Cloud Director 10.0.x before 10.0.0.2, 9.7.0.x before 9.7.0.5, 9.5.0.x before 9.5.0.6, and 9.1.0.x before 9.1.0.4 do not properly handle input leading to a code injection vulnerability. An authenticated actor may be able to send malicious traffic to VMware Cloud Director which may lead to arbitrary remote code execution. This vulnerability can be exploited through the HTML5- and Flex-based UIs, the API Explorer interface and API access. | |||||
| CVE-2020-15143 | 1 Sylius | 1 Syliusresourcebundle | 2021-11-18 | 6.5 MEDIUM | 8.8 HIGH |
| In SyliusResourceBundle before versions 1.3.14, 1.4.7, 1.5.2 and 1.6.4, rrequest parameters injected inside an expression evaluated by `symfony/expression-language` package haven't been sanitized properly. This allows the attacker to access any public service by manipulating that request parameter, allowing for Remote Code Execution. This issue has been patched for versions 1.3.14, 1.4.7, 1.5.2 and 1.6.4. Versions prior to 1.3 were not patched. | |||||
| CVE-2020-15146 | 1 Sylius | 1 Syliusresourcebundle | 2021-11-18 | 6.5 MEDIUM | 8.8 HIGH |
| In SyliusResourceBundle before versions 1.3.14, 1.4.7, 1.5.2 and 1.6.4, request parameters injected inside an expression evaluated by `symfony/expression-language` package haven't been sanitized properly. This allows the attacker to access any public service by manipulating that request parameter, allowing for Remote Code Execution. This issue has been patched for versions 1.3.14, 1.4.7, 1.5.2 and 1.6.4. Versions prior to 1.3 were not patched. | |||||
| CVE-2020-26565 | 1 Objectplanet | 1 Opinio | 2021-08-10 | 5.0 MEDIUM | 7.5 HIGH |
| ObjectPlanet Opinio before 7.14 allows Expression Language Injection via the admin/permissionList.do from parameter. This can be used to retrieve possibly sensitive serverInfo data. | |||||
| CVE-2020-7733 | 1 Ua-parser-js Project | 1 Ua-parser-js | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| The package ua-parser-js before 0.7.22 are vulnerable to Regular Expression Denial of Service (ReDoS) via the regex for Redmi Phones and Mi Pad Tablets UA. | |||||
| CVE-2020-7779 | 1 Djvalidator Project | 1 Djvalidator | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| All versions of package djvalidator are vulnerable to Regular Expression Denial of Service (ReDoS) by sending crafted invalid emails - for example, --@------------------------------------------------------------------------------------------------------------------------!. | |||||
| CVE-2018-16621 | 1 Sonatype | 1 Nexus Repository Manager | 2021-03-04 | 6.5 MEDIUM | 7.2 HIGH |
| Sonatype Nexus Repository Manager before 3.14 allows Java Expression Language Injection. | |||||
| CVE-2020-7173 | 1 Hp | 1 Intelligent Management Center | 2020-10-21 | 9.0 HIGH | 8.8 HIGH |
| A actionselectcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
| CVE-2020-7181 | 1 Hp | 1 Intelligent Management Center | 2020-10-21 | 9.0 HIGH | 8.8 HIGH |
| A smsrulesdownload expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
| CVE-2020-7182 | 1 Hp | 1 Intelligent Management Center | 2020-10-21 | 9.0 HIGH | 8.8 HIGH |
| A sshconfig expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
| CVE-2020-7183 | 1 Hp | 1 Intelligent Management Center | 2020-10-21 | 9.0 HIGH | 8.8 HIGH |
| A forwardredirect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
| CVE-2020-7184 | 1 Hp | 1 Intelligent Management Center | 2020-10-21 | 9.0 HIGH | 8.8 HIGH |
| A viewbatchtaskresultdetailfact expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
| CVE-2020-7185 | 1 Hp | 1 Intelligent Management Center | 2020-10-21 | 9.0 HIGH | 8.8 HIGH |
| A tvxlanlegend expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
| CVE-2020-7186 | 1 Hp | 1 Intelligent Management Center | 2020-10-21 | 9.0 HIGH | 8.8 HIGH |
| A powershellconfigcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
| CVE-2020-7187 | 1 Hp | 1 Intelligent Management Center | 2020-10-21 | 9.0 HIGH | 8.8 HIGH |
| A reportpage index expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
| CVE-2020-7188 | 1 Hp | 1 Intelligent Management Center | 2020-10-21 | 9.0 HIGH | 8.8 HIGH |
| A userselectpagingcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
| CVE-2020-7189 | 1 Hp | 1 Intelligent Management Center | 2020-10-21 | 9.0 HIGH | 8.8 HIGH |
| A faultflasheventselectfact expression language injectionremote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
| CVE-2020-7190 | 1 Hp | 1 Intelligent Management Center | 2020-10-21 | 9.0 HIGH | 8.8 HIGH |
| A deviceselect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
| CVE-2020-7191 | 1 Hp | 1 Intelligent Management Center | 2020-10-21 | 9.0 HIGH | 8.8 HIGH |
| A devsoftsel expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
| CVE-2020-7192 | 1 Hp | 1 Intelligent Management Center | 2020-10-21 | 9.0 HIGH | 8.8 HIGH |
| A devicethresholdconfig expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
| CVE-2020-7193 | 1 Hp | 1 Intelligent Management Center | 2020-10-21 | 9.0 HIGH | 8.8 HIGH |
| A ictexpertcsvdownload expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
| CVE-2020-7194 | 1 Hp | 1 Intelligent Management Center | 2020-10-21 | 9.0 HIGH | 8.8 HIGH |
| A perfaddormoddevicemonitor expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
| CVE-2020-7195 | 1 Hp | 1 Intelligent Management Center | 2020-10-21 | 9.0 HIGH | 8.8 HIGH |
| A iccselectrules expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
| CVE-2020-7174 | 1 Hp | 1 Intelligent Management Center | 2020-10-21 | 9.0 HIGH | 8.8 HIGH |
| A soapconfigcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
| CVE-2020-7175 | 1 Hp | 1 Intelligent Management Center | 2020-10-21 | 9.0 HIGH | 8.8 HIGH |
| A iccselectdymicparam expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
| CVE-2020-7176 | 1 Hp | 1 Intelligent Management Center | 2020-10-21 | 9.0 HIGH | 8.8 HIGH |
| A viewtaskresultdetailfact expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
| CVE-2020-7177 | 1 Hp | 1 Intelligent Management Center | 2020-10-21 | 9.0 HIGH | 8.8 HIGH |
| A wmiconfigcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
| CVE-2020-7179 | 1 Hp | 1 Intelligent Management Center | 2020-10-21 | 9.0 HIGH | 8.8 HIGH |
| A thirdpartyperfselecttask expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
| CVE-2020-7178 | 1 Hp | 1 Intelligent Management Center | 2020-10-21 | 9.0 HIGH | 8.8 HIGH |
| A mediaforaction expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
| CVE-2020-7180 | 1 Hp | 1 Intelligent Management Center | 2020-10-21 | 9.0 HIGH | 8.8 HIGH |
| A ictexpertdownload expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
| CVE-2019-5359 | 1 Hp | 1 Intelligent Management Center | 2020-08-24 | 9.0 HIGH | 8.8 HIGH |
| A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-5360 | 1 Hp | 1 Intelligent Management Center | 2020-08-24 | 9.0 HIGH | 8.8 HIGH |
| A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-5361 | 1 Hp | 1 Intelligent Management Center | 2020-08-24 | 9.0 HIGH | 8.8 HIGH |
| A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-5362 | 1 Hp | 1 Intelligent Management Center | 2020-08-24 | 9.0 HIGH | 8.8 HIGH |
| A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-5363 | 1 Hp | 1 Intelligent Management Center | 2020-08-24 | 9.0 HIGH | 8.8 HIGH |
| A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-5364 | 1 Hp | 1 Intelligent Management Center | 2020-08-24 | 9.0 HIGH | 8.8 HIGH |
| A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-5365 | 1 Hp | 1 Intelligent Management Center | 2020-08-24 | 9.0 HIGH | 8.8 HIGH |
| A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-5370 | 1 Hp | 1 Intelligent Management Center | 2020-08-24 | 9.0 HIGH | 8.8 HIGH |
| A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-5371 | 1 Hp | 1 Intelligent Management Center | 2020-08-24 | 9.0 HIGH | 8.8 HIGH |
| A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-5372 | 1 Hp | 1 Intelligent Management Center | 2020-08-24 | 9.0 HIGH | 8.8 HIGH |
| A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-5373 | 1 Hp | 1 Intelligent Management Center | 2020-08-24 | 9.0 HIGH | 8.8 HIGH |
| A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-5377 | 1 Hp | 1 Intelligent Management Center | 2020-08-24 | 9.0 HIGH | 8.8 HIGH |
| A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-5378 | 1 Hp | 1 Intelligent Management Center | 2020-08-24 | 9.0 HIGH | 8.8 HIGH |
| A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-5379 | 1 Hp | 1 Intelligent Management Center | 2020-08-24 | 9.0 HIGH | 8.8 HIGH |
| A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-5380 | 1 Hp | 1 Intelligent Management Center | 2020-08-24 | 9.0 HIGH | 8.8 HIGH |
| A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-5381 | 1 Hp | 1 Intelligent Management Center | 2020-08-24 | 9.0 HIGH | 8.8 HIGH |
| A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-5382 | 1 Hp | 1 Intelligent Management Center | 2020-08-24 | 9.0 HIGH | 8.8 HIGH |
| A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-5383 | 1 Hp | 1 Intelligent Management Center | 2020-08-24 | 9.0 HIGH | 8.8 HIGH |
| A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||