Showing 1 - 5 of 5

CVE-2018-1270

Status Candidate

Overview

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack.

Related Files

Gentoo Linux Security Advisory 201908-01: Posted Aug 3, 2019; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201908-1 - Multiple vulnerabilities have been found in Binutils, the worst of which may allow remote attackers to cause a Denial of Service condition. Versions less than 2.32-r1 are affected.; tags | advisory, remote, denial of service, vulnerability; systems | linux, gentoo; advisories | CVE-2018-10372, CVE-2018-10373, CVE-2018-10534, CVE-2018-10535, CVE-2018-12641, CVE-2018-12697, CVE-2018-12698, CVE-2018-12699, CVE-2018-12700, CVE-2018-13033, CVE-2018-19931, CVE-2018-19932, CVE-2018-20002, CVE-2018-20651; MD5 | c9376d585a6b8932147386522c03f930; Download | Favorite | View

Red Hat Security Advisory 2018-2939-01: Posted Oct 18, 2018; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2018-2939-01 - Red Hat Fuse Integration Services provides a set of tools and containerized xPaaS images that enable development, deployment, and management of integration microservices within OpenShift. Security fix: jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries spring-framework: Address partial fix for CVE-2018-1270 Issues addressed include bypass, code execution, denial of service, and traversal vulnerabilities.; tags | advisory, denial of service, vulnerability, code execution; systems | linux, redhat; advisories | CVE-2017-12617, CVE-2018-1260, CVE-2018-1270, CVE-2018-1271, CVE-2018-1275, CVE-2018-1304, CVE-2018-1305, CVE-2018-1336, CVE-2018-7489; MD5 | a81bee41629f0971103daec531920d5c; Download | Favorite | View

Digisol DG-BR4000NG Cross Site Scripting: Posted Jun 25, 2018; Authored by Adipta Basu; Digisol DG-BR4000NG suffers from a cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2018-12705; MD5 | 61d5541a4ac9cc31ba3c8777eeb61854; Download | Favorite | View

Digisol DG-BR4000NG Buffer Overflow: Posted Jun 25, 2018; Authored by Adipta Basu; Digisol DG-BR4000NG buffer overflow proof of concept exploit.; tags | exploit, overflow, proof of concept; advisories | CVE-2018-12706; MD5 | 020263d88e3f160d0ad5703b997c9b26; Download | Favorite | View

Pivotal Spring Java Framework 5.0.x Remote Code Execution: Posted May 29, 2018; Authored by Jameel Nabbo; Pivotal Spring Java Framework versions 5.0.x and below suffer from a remote code execution vulnerability.; tags | exploit, java, remote, code execution; advisories | CVE-2018-1270; MD5 | 09bd4ffd26d6f0fe09bebac106a6fefc; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 153 files
Gentoo 57 files
Ubuntu 39 files
gh1mau 18 files
s1l3nt78 11 files
hyd3sec 8 files
Bobby Cooke 7 files
LiquidWorm 6 files
AppleBois 6 files
Google Security Research 5 files

File Archives

Systems

AIX (418)
Apple (1,734)
BSD (368)
Cisco (1,893)
Debian (5,944)
Fedora (1,688)
FreeBSD (1,241)
Gentoo (3,909)
HPUX (872)
iOS (269)
iPhone (107)
IRIX (220)
Juniper (67)
Linux (38,112)
Mac OS X (668)
Mandriva (3,105)
NetBSD (255)
OpenBSD (471)
RedHat (8,891)
Slackware (941)
Solaris (1,593)
SUSE (1,444)
Ubuntu (6,763)
UNIX (8,704)
UnixWare (179)
Windows (5,659)
Other

CVE-2018-1270

Overview

Related Files

File Archive:

August 2020

Top Authors In Last 30 Days

File Tags

File Archives

Systems