CVE-2017-5645
- EPSS 94.01%
- Published 17.04.2017 21:59:00
- Last modified 20.04.2025 01:37:25
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.
CVE-2016-1894
- EPSS 0.41%
- Published 07.02.2017 17:59:00
- Last modified 20.04.2025 01:37:25
NetApp OnCommand Workflow Automation before 3.1P2 allows remote attackers to bypass authentication via unspecified vectors.
- EPSS 93.75%
- Published 21.04.2016 11:00:21
- Last modified 12.04.2025 10:46:40
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
- EPSS 28.03%
- Published 31.05.2015 17:59:04
- Last modified 12.04.2025 10:46:40
The installer in NetApp OnCommand Workflow Automation before 2.2.1P1 and 3.x before 3.0P1 sets up the Java Debugging Wire Protocol (JDWP) service, which allows remote attackers to execute arbitrary code via unspecified vectors.