Showing 1 - 3 of 3

CVE-2018-1131

Status Candidate

Overview

Infinispan permits improper deserialization of trusted data via XML and JSON transcoders under certain server configurations. A user with authenticated access to the server could send a malicious object to a cache configured to accept certain types of objects, achieving code execution and possible further attacks. Versions 9.0.3.Final, 9.1.7.Final, 8.2.10.Final, 9.2.2.Final, 9.3.0.Alpha1 are believed to be affected.

Related Files

Red Hat Security Advisory 2019-3892-01: Posted Nov 15, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-3892-01 - This release of Red Hat Fuse 7.5.0 serves as a replacement for Red Hat Fuse 7.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, denial of service, deserialization, information leakage, and traversal vulnerabilities.; tags | advisory, denial of service, vulnerability, code execution; systems | linux, redhat; advisories | CVE-2017-15095, CVE-2017-17485, CVE-2018-1000850, CVE-2018-11307, CVE-2018-1131, CVE-2018-11775, CVE-2018-11796, CVE-2018-12022, CVE-2018-12023, CVE-2018-14718, CVE-2018-14719, CVE-2018-14720, CVE-2018-14721, CVE-2018-19360, CVE-2018-19361, CVE-2018-19362, CVE-2018-8009, CVE-2018-8034, CVE-2019-0201, CVE-2019-0204, CVE-2019-10173, CVE-2019-14860, CVE-2019-16869, CVE-2019-9512, CVE-2019-9514, CVE-2019-9515, CVE-2019-9518; SHA-256 | d033b077fbe5857e973c9773a4c3ebbcdddde8391b77c6d861aa36baf37bde9f; Download | Favorite | View

Red Hat Security Advisory 2018-1833-01: Posted Jun 12, 2018; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2018-1833-01 - Red Hat JBoss Data Grid is a distributed in-memory data grid based on Infinispan. This release of Red Hat JBoss Data Grid 7.2.1 serves as a replacement for Red Hat JBoss Data Grid 7.2.0 and includes bug fixes and enhancements. You can find a link to the Release Notes that describe these bug fixes and enhancements in the References section of this erratum. Issues addressed include a deserialization vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2018-1131; SHA-256 | 1e71d8bd747ccfad3ae2469493515df42c52ac5f89ae068b5699fe6c52b5f5b1; Download | Favorite | View

mySCADA myPRO 7 Hardcoded Credentials: Posted May 20, 2018; Authored by Emre OVUNC; mySCADA myPRO version 7 has a hardcoded FTP username and password.; tags | exploit; advisories | CVE-2018-11311; SHA-256 | 553ae392f5c1f157db4b69372afc77301a62e865943eaa79df04791cb4a37e73; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 291 files
Ubuntu 63 files
LiquidWorm 29 files
indoushka 20 files
Debian 19 files
Apple 10 files
Google Security Research 7 files
Chokri Hammedi 3 files
Jann Horn 3 files
Emiliano Febbi 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,154)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,599)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,795)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,227)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,962)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

CVE-2018-1131

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems