Deserialization vulnerability in Microsoft Exchange MeetingPollProposeOptionsPayload.GetRequests() method. This method can be triggered with an HTTP request and with a specially crafted XML payload it can lead to OS command execution within the context of the w3wp.exe process which has SYSTEM level privileges.



The XML payload is a .NET serialized object which contains the DataContractSerializer formatter and, it may contain the ObjectDataProvider chain from YSoSerial.NET; although other chains can be used. The payload needs to be crafted to be compatible with the way in which Exchange deserializes it.

A java unsafe reflection and a Server Side Request Forgery vulnerabilities present in ProxygenController class of VMware vCenter Server Virtual SAN Health Check plugin allows remote attackers to execute commands in the context of the vsphere-ui user account.

A vulnerability in the admin web interface could allow an authenticated attacker to upload custom template to perform an arbitrary code execution.

A combination of a server-side request forgery vulnerability and an arbitrary file write vulnerability, allows unauthenticated attackers to execute commands with SYSTEM privileges in Microsoft Exchange Server.

An OS Command Injection Vulnerability was found in Apache Tika Server 1.11= Version =1.17. The vulnerability is due to an error in the vulnerable application when handling a maliciously crafted request.

IBM Informix Open Admin Tool is vulnerable to an unauthenticated php remote code execution, allowing attackers to execute arbitrary php code in the system.

This module exploits two vulnerabilities in Trend Micro Threat Discovery Appliance.



The first is an authentication bypass vulnerability via a file delete in logoff.cgi which resets the admin password back to 'admin' upon a reboot. This is useful if the password for the admin user is unknown.



The second is an authenticated command injection flaw using the timezone parameter in the admin_sys_time.cgi interface.

The Symantec Web Gateway Management Console before 5.2.5 allows some specially crafted entries to update the whitelist without validation. A lower-privileged but authorized management console user can bypass the whitelist validation using a specifically-modified script to create an unauthorized whitelist entry. This whitelist entry could potentially be leveraged in further malicious attempts against the network.

JBoss Application Server is prone to a remote vulnerability due to deserialization of untrusted inputs, allowing attackers to instantiate arbitrary java objects leading to remote code execution.

This vulnerability affects the EJBInvokerServlet component of the server.

JBoss Application Server is prone to a remote vulnerability due to deserialization of untrusted inputs, allowing attackers to instantiate arbitrary Java objects leading to remote code execution.