Showing 1 - 4 of 4

CVE-2018-1270

Status Candidate

Overview

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack.

Related Files

Red Hat Security Advisory 2018-2939-01: Posted Oct 18, 2018; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2018-2939-01 - Red Hat Fuse Integration Services provides a set of tools and containerized xPaaS images that enable development, deployment, and management of integration microservices within OpenShift. Security fix: jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries spring-framework: Address partial fix for CVE-2018-1270 Issues addressed include bypass, code execution, denial of service, and traversal vulnerabilities.; tags | advisory, denial of service, vulnerability, code execution; systems | linux, redhat; advisories | CVE-2017-12617, CVE-2018-1260, CVE-2018-1270, CVE-2018-1271, CVE-2018-1275, CVE-2018-1304, CVE-2018-1305, CVE-2018-1336, CVE-2018-7489; MD5 | a81bee41629f0971103daec531920d5c; Download | Favorite | Comments (0)

Digisol DG-BR4000NG Cross Site Scripting: Posted Jun 25, 2018; Authored by Adipta Basu; Digisol DG-BR4000NG suffers from a cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2018-12705; MD5 | 61d5541a4ac9cc31ba3c8777eeb61854; Download | Favorite | Comments (0)

Digisol DG-BR4000NG Buffer Overflow: Posted Jun 25, 2018; Authored by Adipta Basu; Digisol DG-BR4000NG buffer overflow proof of concept exploit.; tags | exploit, overflow, proof of concept; advisories | CVE-2018-12706; MD5 | 020263d88e3f160d0ad5703b997c9b26; Download | Favorite | Comments (0)

Pivotal Spring Java Framework 5.0.x Remote Code Execution: Posted May 29, 2018; Authored by Jameel Nabbo; Pivotal Spring Java Framework versions 5.0.x and below suffer from a remote code execution vulnerability.; tags | exploit, java, remote, code execution; advisories | CVE-2018-1270; MD5 | 09bd4ffd26d6f0fe09bebac106a6fefc; Download | Favorite | Comments (0)

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 58 files
Ihsan Sencan 48 files
Google Security Research 37 files
Ubuntu 35 files
Ismail Tasdelen 30 files
Debian 16 files
LiquidWorm 9 files
Ivan Fratric 9 files
Jann Horn 9 files
ianbeer 8 files

File Archives

Systems

AIX (411)
Apple (1,586)
BSD (341)
Cisco (1,827)
Debian (5,617)
Fedora (1,683)
FreeBSD (1,201)
Gentoo (3,598)
HPUX (867)
iOS (190)
iPhone (104)
IRIX (219)
Juniper (66)
Linux (34,187)
Mac OS X (653)
Mandriva (3,105)
NetBSD (255)
OpenBSD (458)
RedHat (6,824)
Slackware (858)
Solaris (1,575)
SUSE (1,444)
Ubuntu (5,843)
UNIX (8,350)
UnixWare (174)
Windows (5,386)
Other

CVE-2018-1270

Overview

Related Files

File Archive:

October 2018

Top Authors In Last 30 Days

File Tags

File Archives

Systems