The host is installed with Oracle WebLogic Server component in Oracle WebLogic Server through 10.3.6.0 or 12.1.3.0 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle Web Services. Successful exploitation can cause unspecified impact.
The host is installed with JBOSS Enterprise Application Platform 6.4.21 or 7.x through 7.3.0 and is prone to an improper neutralization of CRLF sequences vulnerability. A flaw is present in the application, which fails to handle the header field-name in accordance with RFC7230. Successful exploitation could allow an attacker to lead to improper neutralization of CRLF sequences in HTTP headers resu ...
The host is installed with Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to handle a crafted script. Successful exploitation could allow attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands.
The host is installed with Elasticsearch before 1.2 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle the source parameter to _search. Successful exploitation could allow attackers to execute arbitrary MVEL expressions and Java code.
The host is installed with Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to handle a crafted script. Successful exploitation could allow attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands.
The host is installed with Elasticsearch before 1.2 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle the source parameter to _search. Successful exploitation could allow attackers to execute arbitrary MVEL expressions and Java code.
The host is installed with Elasticsearch 1.4.x before 1.4.5 or 1.5.x before 1.5.2 and is prone to a directory traversal vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attackers to read arbitrary files.
The host is installed with Sybase EAServer 6.3.1 Developer Edition and is prone to a directory traversal vulnerability. A flaw is present in the application, which fails to handle a particular sequence in a path. Successful exploitation could allow attackers to traverse directories and read arbitrary files.
The host is installed with Serv-U FTP Server before 11.1.0.5 and is prone to directory traversal vulnerability. A flaw is present in the application, which fails to properly validate the given input. Successful exploitation allows remote attackers to disclose potentially sensitive information and manipulate certain data.