Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command.
Max CVSS
9.8
EPSS Score
25.03%
Published
2016-07-03
Updated
2018-03-23

CVE-2016-0792

Public exploit
Multiple unspecified API endpoints in Jenkins before 1.650 and LTS before 1.642.2 allow remote authenticated users to execute arbitrary code via serialized data in an XML file, related to XStream and groovy.util.Expando.
Max CVSS
9.0
EPSS Score
97.28%
Published
2016-04-07
Updated
2018-01-05
The remoting module in Jenkins before 1.650 and LTS before 1.642.2 allows remote attackers to execute arbitrary code by opening a JRMP listener.
Max CVSS
10.0
EPSS Score
3.36%
Published
2016-04-07
Updated
2018-01-05
Apache ActiveMQ 5.x before 5.13.0 does not restrict the classes that can be serialized in the broker, which allows remote attackers to execute arbitrary code via a crafted serialized Java Message Service (JMS) ObjectMessage object.
Max CVSS
9.8
EPSS Score
3.86%
Published
2016-01-08
Updated
2019-12-17
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!